The Federal Bureau of Investigation (FBI) has announced the takedown of a large-scale global phishing operation that targeted more than 17,000 victims worldwide, marking a significant breakthrough in the fight against cybercrime.
The operation, centered around a platform known as “W3LL,” functioned as a phishing-as-a-service marketplace, enabling cybercriminals to easily launch attacks. For a fee of around $500, users could purchase access to phishing kits that allowed them to create fake login pages closely mimicking legitimate websites to steal user credentials.
Once victims entered their login details, the system not only captured usernames and passwords but also collected session data, enabling attackers to bypass multi-factor authentication and gain persistent access to accounts. Authorities estimate that the operation facilitated over $20 million in attempted fraud globally.
The takedown was carried out in collaboration with Indonesian law enforcement agencies, leading to the seizure of key domains and infrastructure associated with the platform. Officials also confirmed the detention of the suspected developer, identified only as “G.L.,” in Indonesia.
Describing the scale of the operation, an FBI official noted that this was not a simple phishing scheme but a “full-service cybercrime platform,” highlighting the increasing sophistication of such tools that lower the barrier to entry for cybercriminals.
The crackdown underscores the growing threat posed by phishing-as-a-service ecosystems, where even non-technical actors can execute large-scale cyberattacks. It also reflects the importance of international cooperation in tackling cybercrime networks that operate across borders and impact victims globally.
 has announced the takedown of a large-scale global phishing operation that targeted more than){kind=link}