The phishing kit Lighthouse, which has aided text scams like those soliciting victims to pay unpaid road tolls, appears to have been hampered shortly after Google filed a lawsuit aimed at its creators.

Google said on Thursday that Lighthouse had been shut down. Two other organizations that have tracked the suspected Chinese operators of Lighthouse said they saw signs it had at least been disrupted.

“This shut down of Lighthouse’s operations is a win for everyone,” said Halimah DeLaine Prado, general counsel at Google. “We will continue to hold malicious scammers accountable and protect consumers.”

Members of the syndicate, known to some by the name Smishing Triad, had been corresponding on Telegram channels.

“We can confirm that all Lighthouse Telegram channels previously tracked have been deleted or taken down due to Telegram TOS violations,” Kasey Best, the director of threat intelligence at Silent Push, told CyberScoop. “We are tracking many websites still active and using Lighthouse kit code, as well as phishing kits used by other Smishing Triad threat actors, but there could be backend changes with Lighthouse or other disruptions in this criminal ecosystem which are just starting to be seen.

“Either way, this is a positive sign for Google’s lawsuit, and we look forward to increased pressure against smishing threat actors based mostly in China,” Best continued.

Ford Merrill, lead researcher at SecAlliance, told CyberScoop that it “can confirm that several domains historically associated with Lighthouse infrastructure appear to no longer be resolving to DNS requests at present.”

Google filed its lawsuit in the U.S. District Court for the Southern District of New York. They allege that 25 unnamed individuals behind Lighthouse have violated racketeering, trademark and anti-hacking laws with their prolific SMS phishing, or “smishing,” platform.

The post Google, researchers see signs that Lighthouse text scammers disrupted after lawsuit appeared first on CyberScoop.

Google on Wednesday filed a lawsuit against pesky text message scammers — like those who flood targets with notices that they have unpaid road tolls, or have a package waiting — in an attempt to disrupt a “phishing for dummies” operation the company accuses of victimizing more than 1 million people.

The lawsuit against 25 unnamed individuals believed to reside in China takes aim at those behind the phishing-as-a-service kit known as Lighthouse and its “staggering” scale.

“Defendants are a group of foreign cybercriminals who have engaged in relentless phishing attacks against millions of innocent victims, including Google customers, to steal personal and financial information,” the lawsuit filed in the U.S. District Court for the Southern District of New York reads. “These attacks have collectively swindled innocent victims out of millions of dollars and harmed Google through the unauthorized use of its trademarks and services.”

Google alleges that the defendants violated multiple laws in their SMS phishing, or “smishing,” operation: the Racketeer Influenced and Corrupt Organizations Act, the Lanham Act that governs trademark law and the main federal anti-hacking statute, the Computer Fraud and Abuse Act. Some of the smishing messages make use of Google product logos, and target Google customers.

The civil suit seeks a temporary restraining order and damages against the unnamed individuals. Google is asking the court to compel hosting providers to block Lighthouse-connected IP addresses and fraudulent domains from using those services. The company also hopes that it can help raise user awareness by filing the suit.

Other organizations have tracked the scope of Lighthouse and its ilk. One firm found that in a 20-day period, 200,000 Lighthouse-created websites attracted more than 1 million victims in 121 countries.

Another said that between July 2023 and October 2024, Chinese smishing syndicates compromised between 12.7 million and 115 million payment cards in the United States alone.  Over that same timeframe, Google’s suit states, Lighthouse users also launched 32,094 distinct U.S. Postal Service phishing sites.

“The scam is simple: criminals send a text message, prompting recipients to click a link and share information such as email credentials, banking information and more,” Google explained in a blog post announcing the suit. “They exploit the reputations of Google and other brands by illegally displaying our trademarks and services on fraudulent websites.”

In addition to the lawsuit, Google on Wednesday endorsed three bills from House and Senate members to combat fraud. Those bills are the Guarding Unprotected Aging Retirees from Deception (GUARD) Act, which would permit state and local law enforcement to use federal grants to investigate financial scams aimed at retirees; the Foreign Robocall Elimination Act, which would create a task force to fight foreign-originated robocalls; and the Scam Compound Accountability and Mobilization (SCAM) Act, which would direct an executive branch national strategy to counter scam compounds.

“Legal action can address a single operation; robust public policy can address the broader threat of scams,” Halimah DeLaine Prado, general counsel for Google, wrote in the blog post.

The post Google files lawsuit against Lighthouse ‘phishing for dummies’ text scammers appeared first on CyberScoop.