Operations of the iServer phishing-as-a-service platform, which has compromised 483,000 victims around the world, have been taken down in a joint crackdown by the Europol's European Cybercrime Centre and Ameripol's Specialised Cybercrime Centre, reports The Record, a news site by cybersecurity firm Recorded Future.
Attacks leveraging iServer to automate phishing pages impersonating widely used cloud-based mobile platforms commenced in North and South America before expanding in Europe, enabling the unlocking of more than 1.2 million devices, according to an analysis from Group-IB.
"The phishing attacks are specifically designed to gather data that grants access to physical mobile devices, enabling criminals to acquire users’ credentials and local device passwords to unlock devices or unlink them from their owners," said Group-IB researchers.
The takedown of iServer, conducted in coordination with other law enforcement agencies, has also resulted in the arrests of 17 individuals involved in the operation, including its Argentinian administrator, as well as the sequestration of over 900 items.