Names | Planetary Reef (PhishLabs) | |
Country | Indonesia | |
Motivation | Financial gain | |
First seen | 2020 | |
Description | (PhishLabs) PhishLabs is monitoring a threat actor group that has set up fraudulent hosting companies with leased IP space from a legitimate reseller. They are using this infrastructure for bulletproof hosting services as well as to carry out their own phishing attacks. The group, which is based in Indonesia, has been dubbed Planetary Reef. Planetary Reef is most notable in how they host phishing sites. While traditional methods of distributing phishing attacks rely on compromised websites or increasingly, free domains, Planetary Reef is leasing their IP space from a large reseller. Using space, the group has created an array of seemingly legitimate hosting companies that they promote through social media. | |
Observed | ||
Tools used | ||
Information | <https://info.phishlabs.com/blog/planetary-reef-cybercriminal-hosting-and-phishing-as-a-service-threat-actor> |
Last change to this card: 05 January 2021
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |