Security News > 2023 > November > Major Phishing-as-a-Service Syndicate 'BulletProofLink' Dismantled by Malaysian Authorities

Malaysian law enforcement authorities have announced the takedown of a phishing-as-a-service operation called BulletProofLink.

The Royal Malaysian Police said the effort, which was carried out with assistance from the Australian Federal Police and the U.S. Federal Bureau of Investigation on November 6, 2023, was based on information that the threat actors behind the platform were based out of the country.

BulletProofLink, also called BulletProftLink, is known for offering ready-to-use phishing templates on a subscription basis to other actors for conducting credential harvesting campaigns.

According to an analysis from Microsoft in September 2021, BulletProofLink actors also engaged in what's called double theft wherein the stolen credentials are sent to both their customers and the core developers, resulting in additional monetization avenues.

"BulletProftLink is associated with the threat actor AnthraxBP who also went by the online nicknames TheGreenMY and AnthraxLinkers," cybersecurity firm Intel 471 said last week.

"The actor maintained an active website advertising phishing services. The actor has an extensive underground footprint and operated on a number of clear web underground forums and Telegram channels using multiple handles."

News URL

https://thehackernews.com/2023/11/major-phishing-as-service-syndicate.html