A joint law enforcement operation has taken down a phishing-as-a-service (PaaS) platform, known as ‘iServer,’ that victimized nearly 500,000 people, mostly from Spanish-speaking countries.

iServer offered a PaaS platform designed to exploit stolen phones. The platform's criminal users, referred to as ‘unlockers,’ provided unlocking services to other criminals who had possession of stolen phones. Once a phone was unlocked, it could be resold or used for illicit activities.

Unlockers would purchase access to iServer and pay additional fees for phishing campaigns via SMS, emails, or calls designed to steal credentials or gain unauthorized access to the devices of legitimate users. The campaigns preyed on victims, luring them into believing they were regaining access to their stolen phones. Instead, they were being phished, leading to further exploitation.

Investigators estimate that over 1.2 million mobile phones were unlocked using iServer, with 483,000 individuals falling victim to the phishing campaigns. The victims were primarily Spanish-speaking nationals from Europe, North America, and South America.

During raids conducted between September 10 and 17, officials arrested 17 people linked to the platform, seized over 900 items, including mobile phones, electronic devices, cars, and weapons. Among those arrested was the administrator of iServer, an Argentinian national who had been at the helm of the operation since 2018.

In other news, an international police operation has resulted in the arrest of 51 individuals linked to Ghost, an encrypted platform used by criminals for large-scale drug trafficking and money laundering. The platform's popularity among criminals is due to its secure messaging feature, which allows users to send self-destructing messages. 38 arrests were made in Australia, 11 in Ireland, one in Italy, and one in Canada. Authorities also dismantled a drug lab in Australia, seizing weapons, drugs, and over €1 million in cash globally.