Cybercrime-as-a-Service: Phishing Platforms Enable Massive Global Attacks

Researchers have uncovered a massive phishing operation powered by two Phishing-as-a-Service (PhaaS) platforms known as Lucid and Lighthouse. These platforms have enabled criminals to deploy over 17,500 malicious domains targeting more than 300 brands across dozens of countries. Operating on a subscription model, the services provide pre-built templates and advanced evasion techniques, making sophisticated attacks accessible to a wider range of threat actors. The platforms use sophisticated anti-monitoring features, such as displaying fake storefronts to researchers while serving phishing pages to intended victims. Evidence suggests the two platforms share infrastructure, highlighting a trend of collaboration within the cybercrime ecosystem.