Google files lawsuit against China-based hackers running $1bn Lighthouse Phishing scheme

Google has filed a civil suit in New York accusing China-based hackers of operating the "Lighthouse Phishing" scheme that netted more than $1 billion.

The lawsuit targets infrastructure used to send mass SMS and iMessage scams that impersonated postal and toll services.

The Alphabet-owned giant said the kit, marketed as a Phishing-as-a-Service product, included templates showing Google sign-in screens to steal credentials and payment data.

Google’s lawyers are seeking to use RICO and computer fraud laws to dismantle the network and seize domains and servers tied to the operation.

"They exploit the reputations of Google and other brands by illegally displaying our trademarks and services on fraudulent websites," General Counsel at Google, Halimah DeLaine Prado, said.

"We found at least 107 website templates featuring Google's branding on sign-in screens specifically designed to trick people into believing the sites are legitimate," she noted.

However, security firms tracking the campaign noted that Lighthouse operators licensed templates to affiliates who sent millions of smishing messages to victims across 120 countries.

The scams relied on fake delivery notices and bogus toll fees to push people to malicious links.

Notably, the US authorities and private companies have already worked to take down phishing sites before, but Google said the scale and sophistication of this Lighthouse Phishing scheme, and the China links behind it, demand a broader legal remedy.

The company has also urged users to avoid links in unexpected texts and to enable two-step verification.