• Home
  • News
    • Global Operations
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
    • Industry
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
    • Special Interest
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
  • Market
    • Wired to Win
    • SOFX.NET
  • Intelligence
    • USMC Deception Manual
  • Resources
    • Contact Us
    • About Us
    • Editorial Policy
    • Privacy Policy
  • Home
  • News
    • Global Operations
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
    • Industry
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
    • Special Interest
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
  • Market
    • Wired to Win
    • SOFX.NET
  • Intelligence
    • USMC Deception Manual
  • Resources
    • Contact Us
    • About Us
    • Editorial Policy
    • Privacy Policy
Login
Join Free
Home
Asia
Africa
Europe
Latin America
Middle East
North America
Asia
Africa
Europe
Latin America
Middle East
North America
Asia
Africa
Europe
Latin America
Middle East
North America
Coming Soon
Job Board
Events
Contact Awards
USMC Deception Manual
Login
Join Free
Home Global Operations Asia

FBI and Indonesian Police Topple $500 Phishing Empire by Arresting Its Mastermind

  • SOFX Staff Writer
  • April 15, 2026
The FBI and Department of Justice seizure notice displayed on the w3ll.store domain, taken down as part of a joint law enforcement action targeting a global phishing network. (FBI Atlanta Public Affairs)
Share on FacebookShare on TwitterLinkedIn

The FBI and the Indonesian National Police have dismantled W3LL, a phishing-as-a-service (PhaaS) platform linked to more than $20 million in attempted fraud and more than 17,000 victims worldwide, in the first joint U.S.-Indonesia enforcement action to go after a phishing kit developer directly.

The FBI Atlanta Field Office announced the operation on April 13, seizing the w3ll.store domain under a court order from the U.S. District Court for the Northern District of Georgia.

FBI Atlanta and Indonesian law enforcement authorities have dismantled a global phishing operation that enabled cybercriminals to steal thousands of victims’ account credentials and attempt more than $20 million in fraud. Read more here: https://t.co/o1mMrtdAwT pic.twitter.com/VPu7lzzRhF

— FBI Atlanta (@FBIAtlanta) April 13, 2026


Indonesian authorities arrested G.L., the alleged developer behind the platform, whose full identity has not been released.

The accompanying W3LLSTORE marketplace, where stolen credentials and access to compromised systems were bought and sold, was also taken offline.

“This was a full-service cybercrime platform,” FBI Atlanta Special Agent in Charge Marlo Graham said.

CASE UPDATE from @FBIAtlanta: FBI, Indonesian Authorities Take Down Global Phishing Network Behind Millions in Fraud Attempts

In a first-of-its-kind joint cyber investigation, the #FBI Atlanta Field Office and Indonesian law enforcement authorities have dismantled a… pic.twitter.com/Ewtu0ptsHd

— FBI (@FBI) April 13, 2026


The W3LL kit sold for approximately $500 and produced fake login pages that closely matched those of legitimate services, with Microsoft 365 corporate portals as a primary target.

The kit deployed an adversary-in-the-middle attack, a technique in which a rogue server sits between the victim and the real site, capturing live session tokens alongside passwords. That allowed buyers to bypass multi-factor authentication and hold account access even after victims changed their credentials.

Between 2019 and 2023, the W3LLSTORE marketplace handled the sale of more than 25,000 compromised accounts. After the platform shut down, the operation shifted to encrypted messaging apps and continued through 2024.

By arresting the developer rather than individual operators, investigators severed access for every downstream criminal simultaneously.

The FBI and the U.S. Attorney’s Office for the Northern District of Georgia called the case a milestone in cross-border efforts to disrupt cybercrime infrastructure at its source.

SOFX Staff Writer

SOFX Staff Writer

The Editor Staff at SOFX comprises a diverse, global team of dedicated staff writers and skilled freelancers. Together, they form the backbone of our reporting and content creation.

Subscribe
Login
Notify of
guest
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
ADVERTISEMENT

Trending News

EU Declared Age App “Ready” While GitHub Flagged it Unfit, Then Hackers Bypassed It in 2 Minutes

EU Declared Age App “Ready” While GitHub Flagged it Unfit, Then Hackers Bypassed It in 2 Minutes

by SOFX Staff Writer
April 20, 2026
0

Security researchers bypassed the European Commission's new age verification app in under two minutes on April 16, days after Commission...

Air Force Releases Unprecedented B-21 Raider Photos Mid-Refueling

Air Force Releases Unprecedented B-21 Raider Photos Mid-Refueling

by SOFX Staff Writer
April 16, 2026
0

The U.S. Air Force has released the first overhead images of the B-21 Raider, offering a rare top-down view of...

Explainer: The Anthropic Mythos Threat, Simply Explained

Explainer: The Anthropic Mythos Threat, Simply Explained

by Sam Havelock
April 19, 2026
0

Anthropic’s new artificial intelligence (AI) model, called Claude Mythos Preview (CMP), is raising alarms across the tech and finance industries. ...

Nuclear Contractor Vanishes in Albuquerque, Becoming 10th Defense Expert to Die or Disappear as White House Vows Review

Nuclear Contractor Vanishes in Albuquerque, Becoming 10th Defense Expert to Die or Disappear as White House Vows Review

by SOFX Staff Writer
April 16, 2026
0

A government contractor with top security clearance at one of the nation's primary nuclear weapons production facilities disappeared from Albuquerque,...

ADVERTISEMENT
ADVERTISEMENT
Next Post
Oklahoma Principal Tackles Gunman as Columbine-Inspired Attack Is Foiled by Jammed Weapon

Oklahoma Principal Tackles Gunman as Columbine-Inspired Attack Is Foiled by Jammed Weapon

REGENT Flies First Defense WIG Drone in U.S. as Marines Eye Pacific Deployment Decision

REGENT Flies First Defense WIG Drone in U.S. as Marines Eye Pacific Deployment Decision

997 Morrison Dr. Suite 200, Charleston, SC 29403

News

  • Global Operations
  • Special Interest
  • Industry
  • Global Operations
  • Special Interest
  • Industry

Resources

  • About Us
  • Contact Us
  • Advertise with Us
  • Editorial Policy
  • Privacy Policy
  • About Us
  • Contact Us
  • Advertise with Us
  • Editorial Policy
  • Privacy Policy
No Result
View All Result
  • Home
  • News
    • Global Operations
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
    • Industry
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
    • Special Interest
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
  • Market
    • Wired to Win
    • SOFX.NET
  • Intelligence
    • USMC Deception Manual
  • Resources
    • Contact Us
    • About Us
    • Editorial Policy
    • Privacy Policy
Subscribe
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.

Log in to your account

Lost your password?
wpDiscuz