TL;DR
The Justice Department says it has taken down web3adspanels.org, a service used by criminals to host credentials harvested via SEO-poisoning phishing campaigns. Prosecutors linked $28 million in attempted transfers to the platform and estimate about $14.6 million in actual losses; the FBI says at least 19 victims were impacted.
What happened
U.S. authorities disrupted a web platform known as web3adspanels.org after identifying it as a hub for storing credentials stolen through search engine–poisoning phishing operations. Operators of the scheme paid to position fake banking sites high in search results so victims would enter login details on convincing lookalike pages. Those credentials were collected and held on the platform, which prosecutors say was then used to attempt unauthorized access to bank accounts and move funds. Documents filed in the case link roughly $28 million in attempted illegal transfers to the service, with estimated actual losses of about $14.6 million. The FBI’s affidavit cites at least 19 victims, including two companies, connected to this specific scheme. A law-enforcement splash page now appears at the site’s address. The Justice Department did not provide technical details about how stricter protections such as multi-factor authentication were circumvented.
Why it matters
- Centralized credential-storing platforms can scale account takeover efforts and streamline fraud for many actors.
- Search-engine poisoning remains an effective delivery method for convincing victims to give up sensitive credentials.
- Officials have not detailed how enhanced protections such as MFA were bypassed, leaving uncertainty about defensive gaps.
- Reported incident totals sit within a broader rise in e‑crime: public complaint volumes and reported losses are substantial.
Key facts
- The domain web3adspanels.org is now showing a law-enforcement splash page after the takedown.
- The platform supported SEO-poisoning campaigns that presented fake banking websites to search users.
- Operators paid for prominent search placements to trick victims into entering account credentials.
- Prosecutors tied about $28 million in attempted illegal transfers to activity involving the platform.
- Estimated actual losses from the scheme are about $14.6 million.
- The FBI identified at least 19 victims linked to this particular operation, including two companies.
- The IC3 has received over 5,100 similar complaints since the start of the year, with reported losses exceeding $262 million.
- The FBI notes criminals often obtain MFA codes or one-time passcodes via social engineering to complete takeovers.
- Per IC3 figures, cyber-enabled fraud accounted for 83% of the $16.6 billion in reported e‑crime losses in 2024.
What to watch next
- Whether authorities will announce arrests or indictments related to the platform — not confirmed in the source.
- Whether any funds linked to the attempted transfers will be recovered and returned to victims — not confirmed in the source.
- If investigators or agencies release technical details explaining how multi-factor protections were bypassed — not confirmed in the source.
Quick glossary
- SEO poisoning: A tactic where attackers manipulate search engine results to promote malicious or fake sites so users find and visit them.
- Multi-factor authentication (MFA): A security approach requiring two or more verification methods (something you know, have, or are) to gain access to an account.
- Account takeover: When an attacker gains unauthorized access to an online account and uses it for fraudulent activity.
- Social engineering: Techniques that manipulate individuals into revealing confidential information or performing actions that compromise security.
- IC3 (Internet Crime Complaint Center): A U.S. federal center run by the FBI that collects complaints about online crime and produces loss statistics.
Reader FAQ
Has the site been taken down?
Yes. The domain now displays a law-enforcement splash page after the government action.
How many victims were affected?
The FBI identified at least 19 victims tied to this specific scheme, including two companies.
How much money was lost?
Prosecutors linked about $28 million in attempted transfers to the platform and estimate roughly $14.6 million in actual losses.
Did authorities explain how MFA was bypassed?
No. The Justice Department did not provide details on how stronger protections such as multi-factor authentication were circumvented.
CYBER-CRIME 1 US shuts down phisherfolk’s $14.6M password-hoarding platform Crooks used platform to scoop up and store banking credentials for big-money thefts Connor Jones Wed 24 Dec 2025 // 15:07 UTC The US says…
Sources
- US shuts down phisherfolk’s $14.6M password-hoarding platform
- Svoboda Cybersecurity Brief December 24, 2025
Related posts
- Federal judge blocks Texas App Store age-verification law ahead of rollout
- Detroit Apple Developer Academy’s $20,000-per-student cost and outcomes questioned
- U.S. Launches Biggest Nuclear Construction Program Since the 1970s