Security News > 2021 > February > Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of a U-Admin, a software package used to administer what's being called "One of the world's largest phishing services." The operation was carried out in coordination with the FBI and authorities in Australia, which was particularly hard hit by phishing scams perpetrated by U-Admin customers.

The Ukrainian attorney general's office said it worked with the nation's police force to identify a 39-year-old man from the Ternopil region who developed a phishing package and special administrative panel for the product.

"According to the analysis of foreign law enforcement agencies, more than 50% of all phishing attacks in 2019 in Australia were carried out thanks to the development of the Ternopil hacker," the attorney general's office said, noting that investigators had identified hundreds of U-Admin customers.

Brad Marden, superintendent of cybercrime operations for the Australian Federal Police, said their investigation into who was behind U-Admin began in late 2018, after Australian citizens began getting deluged with phishing attacks via mobile text messages that leveraged the software.

"At one stage in 2019 we had a couple of hundred SMS phishing campaigns tied to just this particular actor. Pretty much every Australian received a half dozen of these phishing attempts."

According to this comprehensive breakdown of the phishing toolkit, the U-Admin control panel isn't sold on its own, but rather it is included when customers contact the developer and purchase a set of phishing pages designed to mimic a specific brand - such as a bank website or social media platform.

News URL

https://krebsonsecurity.com/2021/02/arrest-raids-tied-to-u-admin-phishing-kit/