Última hora
AR3 explosions heard in Iran's Konarak cityARتجدد القصف على جنوب إيران وتصاعد الخطاب السياسي في إسرائيلARتصعيد عسكري جديد بين طهران وواشنطن: هل نحن أمام صراع مفتوح؟ARالدفاع الروسي يدمر 152 مسيرة أوكرانية في 12 ساعةARالأنظار تتجه نحو مواجهة المغرب وفرنسا في ربع نهائي كأس العالمARمدينة بالم بيتش تغير اسم مطارها إلى مطار الرئيس دونالد ترمب الدوليARتقنية حكم الفيديو المساعد (VAR) في كأس العالم 2026: بين القياس والتقديرARاتصال هاتفي بين وزيري خارجية السعودية وقطر لبحث تطورات المنطقةARتسريبات تكشف تصميم وألوان ومواصفات هاتف Galaxy Z Fold 8 Ultra الجديدARأوكرانيا تسعى لإنتاج صواريخ باتريوت.. وتفاصيل لقاء زيلينسكي وترامبAR3 explosions heard in Iran's Konarak cityARتجدد القصف على جنوب إيران وتصاعد الخطاب السياسي في إسرائيلARتصعيد عسكري جديد بين طهران وواشنطن: هل نحن أمام صراع مفتوح؟ARالدفاع الروسي يدمر 152 مسيرة أوكرانية في 12 ساعةARالأنظار تتجه نحو مواجهة المغرب وفرنسا في ربع نهائي كأس العالمARمدينة بالم بيتش تغير اسم مطارها إلى مطار الرئيس دونالد ترمب الدوليARتقنية حكم الفيديو المساعد (VAR) في كأس العالم 2026: بين القياس والتقديرARاتصال هاتفي بين وزيري خارجية السعودية وقطر لبحث تطورات المنطقةARتسريبات تكشف تصميم وألوان ومواصفات هاتف Galaxy Z Fold 8 Ultra الجديدARأوكرانيا تسعى لإنتاج صواريخ باتريوت.. وتفاصيل لقاء زيلينسكي وترامب
Newsgather
BackFBI and Indonesian Authorities Dismantle Global 'W3LL' Phishing Operation
FBI and Indonesian Authorities Dismantle Global 'W3LL' Phishing Operation
NOTICIA
Times of India13.04.2026Crime2 dk okumaIndia

FBI and Indonesian Authorities Dismantle Global 'W3LL' Phishing Operation

The operation, which facilitated over $20 million in fraud, targeted thousands of victims worldwide using a sophisticated 'full-service' phishing kit.

En resumen

The FBI and Indonesian law enforcement have dismantled the 'W3LL' phishing operation, a platform that enabled cybercriminals to steal credentials and bypass multi-factor authentication, resulting in over $20 million in attempted fraud.

Resumen generado por IA

Por qué importa

The W3LL phishing kit was a 'full-service' platform that allowed criminals to bypass multi-factor authentication by capturing session data, enabling them to impersonate legitimate login pages.

Tamaño de fuente

The FBI Atlanta Field Office and Indonesian law enforcement authorities dismantled a sophisticated global phishing operation that enabled cybercriminals to steal thousands of victims’ account credentials and attempt more than $20 million in fraud.

The operation used a 'full-service' kit to steal usernames and bypass security on thousands of accounts worldwide. The operation centered on a tool called the 'W3LL phishing kit.' This cybercrime platform allowed criminals to impersonate legitimate login pages to trick victims into handing over their usernames and passwords.

When victims typed in their usernames and passwords, the tool captured that information. It also grabbed session data, which let criminals get around multi-factor authentication, the security feature that sends a second verification code to a user’s phone or email. For a fee of about $500, users could purchase access to the kit and deploy fake websites designed to look nearly identical to trusted portals.

The tool was supported by an online marketplace called 'W3LLSTORE.' Between 2019 and 2023, the marketplace facilitated the sale of more than 25,000 compromised accounts. Even after the store shut down in 2023, the operation continued through encrypted messaging apps where the tool was rebranded. Between 2023–2024, the kit was used to target 17,000+ victims worldwide.

On April 10, the alleged developer (identified only as 'G.L.') was detained in Indonesia and the infrastructure was seized. Authorities have not released the full name of the alleged developer, identifying them only as G.L. It is also unclear how many individual victims in Georgia were specifically targeted by the 17,000 global phishing attempts recorded between 2023 and 2024.

'This wasn’t just phishing—it was a full-service cybercrime platform,' said FBI Atlanta Special Agent in Charge Marlo Graham. 'We will continue to work with our domestic and foreign law enforcement partners, using all available tools to protect the public.'

Global online scam by the numbers: $20 million: The amount of fraud attempts linked to the network. $500: The cost for a criminal to purchase access to the phishing kit. 25,000: The number of compromised accounts sold through the W3LLSTORE marketplace. 17,000: The number of victims targeted worldwide between 2023 and 2024.

The takedown cuts off a major resource used by cybercriminals. This is the first time U.S. and Indonesian authorities have taken coordinated action against a phishing kit developer. The U.S. Attorney’s Office for the Northern District of Georgia was involved in identifying and seizing the operation’s infrastructure.

Qué observar

Perspectiva de IA — posibilidades, no hechos

  • Further arrests of individuals associated with the W3LL marketplace.

    Probable · En meses

  • Increased scrutiny of similar 'phishing-as-a-service' platforms.

    Probable · En meses

Preguntas abiertas

  • What is the full identity of the developer G.L.?
  • How many victims were specifically located in the United States?
  • Are there other developers or associates still at large?

Temas relacionados

This article was originally published by Times of India.

Noticias relacionadas

Más sobre este temafbi