Ethical Hacking News
Google has taken legal action against a massive phishing-as-a-service (PhaaS) platform called Lighthouse, which was operated by China-based hackers and generated over $1 billion in revenue. The platform used SMS phishing attacks to exploit trusted brands and steal users' financial information across 120 countries.
Google has taken legal action against Lighthouse, a massive phishing-as-a-service (PhaaS) platform operating out of China. Lighthouse is believed to have generated over $1 billion in revenue over the past three years through SMS phishing attacks. The platform uses fake toll fees or package deliveries as lures to obtain users' financial information via SMS phishing campaigns. Google's action aims to dismantle Lighthouse's underlying infrastructure, citing violations under several federal laws. Cybersecurity experts warn that Chinese smishing syndicates have compromised millions of payment cards in the US and globally.
Google has recently taken legal action against a massive phishing-as-a-service (PhaaS) platform called Lighthouse, which was operated by China-based hackers. This move comes in response to the platform's alleged involvement in stealing over 1 million users' financial information across 120 countries.
According to reports, Lighthouse is a highly industrialized PhaaS kit that uses SMS phishing attacks to exploit trusted brands such as E-ZPass and USPS. The attackers would send out large-scale SMS phishing campaigns that target users with fake toll fees or package deliveries, with the ultimate goal of obtaining people's financial information by prompting them to click on a link.
The platform is believed to have generated over $1 billion in revenue over the past three years, making it one of the most successful PhaaS platforms in recent history. However, its success has also made it a prime target for law enforcement agencies and cybersecurity experts.
Google's General Counsel, Halimah DeLaine Prado, stated that the company is taking legal action to dismantle the underlying infrastructure behind Lighthouse, citing violations under the Racketeer Influenced and Corrupt Organizations (RICO) Act, the Lanham Act, and the Computer Fraud and Abuse Act. The company also found at least 107 website templates featuring Google's branding on sign-in screens specifically designed to trick people into believing the sites are legitimate.
The Lighthouse PhaaS platform is part of a larger network of interconnected cybercrime ecosystems operating out of China that send thousands of smishing messages via Apple iMessage and Google Messages' RCS capabilities to users in the U.S. and beyond. Other notable platforms, such as Darcula and Lucid, have also been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries.
Cybersecurity experts warn that Chinese smishing syndicates may have compromised between 12.7 million and 115 million payment cards in the U.S. alone between July 2023 and October 2024. Furthermore, cybercrime groups from China have evolved to develop new tools like Ghost Tap to add stolen card details to digital wallets on iPhones and Android phones.
In recent months, Palo Alto Networks Unit 42 reported that the threat actors behind Smishing Triad have used more than 194,000 malicious domains since January 1, 2024, mimicking a wide range of services. The threat actors also employed tactics such as using lures related to fake toll fees or package deliveries.
This latest development highlights the ongoing threat posed by PhaaS platforms and the need for increased awareness among users about the risks associated with these types of attacks. As cybersecurity experts continue to monitor the situation, it is essential to stay informed and take proactive measures to protect yourself from such phishing scams.
Related Information:
https://www.ethicalhackingnews.com/articles/Google-Takes-Down-1-Billion-Lighthouse-Phishing-Platform-Behind-China-Based-Hackers-ehn.shtml
https://thehackernews.com/2025/11/google-sues-china-based-hackers-behind.html
Published: Wed Nov 12 10:50:36 2025 by llama3.2 3B Q4_K_M
