In a major blow to cybercrime, the Justice Department has seized four web domains used by administrators and customers of a domain spoofing service known as LabHost. The service, operated through the Lab-host.ru domain, provided online infrastructure and interactive functionality for its subscription-based services.
According to court records, LabHost customers used its services to create and manage spoofed websites designed to look like the legitimate websites of businesses such as Amazon, Netflix, Wells Fargo, Bank of America, and Chase Bank. The spoofed websites were used to lure unwitting victims into disclosing their personally identifiable information (PII) — e.g., date of birth, email address, password, address, and credit card information — on the websites the victims believed were legitimate.
LabHost customers then used the stolen PII to engage in unauthorized financial transactions at the expense of the victims. As outlined in court records, LabHost has been used to create over 40,000 spoofed websites, and its infrastructure has stored over one million user credentials and nearly 500,000 compromised credit cards.
The warrants authorized the seizure of the following four domains associated with application programming interface (API) services used to install spoofed websites and manage LabHost’s phishing and credential-theft operations: Instapi-1xoa93z90o348fz.co, Api2-4hdfix74ks.co, Api1-9kcpqcf7olw1w300w3m6.cc, and Api-d789342789342uy432hjf87df87dfk.cc. The four LabHost API domains were registered to NameSilo, LLC, a third-party webhosting service based in the United States.
The seizure of the domains has effectively shut down the LabHost platform, dealing a significant blow to cybercrime. Attorney General Merrick B. Garland praised the efforts of the U.S. Attorney’s Office for the Western District of Pennsylvania, the FBI, and the Secret Service for their work on the case.
“Together with our international partners, the Justice Department has disrupted another cybercrime scheme originating from Russia that enabled criminals to steal from over a million victims in the United States and around the world,” Garland said.
U.S. Attorney Eric G. Olshan for the Western District of Pennsylvania emphasized that the theft of personal information should never be seen as just another cost of using the internet. “Today’s domain seizures show that cybercriminals’ greed will not go unchecked — no matter their sophistication and geographic reach. We will continue to work with our domestic and foreign law enforcement partners, using all available tools, to protect the global public.”
Related Federal Cases
- Andrey Ghinkul, Bugat Malware Distribution, Pennsylvania 2024 · Pennsylvania
- Operation Wire, Cybercrime, Pennsylvania 2024 · Pennsylvania
- Michael D. Metz, Online Extortion, Pennsylvania 2024 · Pennsylvania
- Victor Uzor, Email Scam, Pennsylvania 2024 · Arkansas
- Emily J. Marschall, Computer Fraud Scheme, Pennsylvania 2024 · Pennsylvania
Key Facts
- State: Pennsylvania
- Category: Cybercrime
- Source: DOJ Press Release â†â€â€
ðŸâ€Â’ Get the grimiest stories delivered weekly. Subscribe free →

