Pig butchering a bigger threat with ‘as-a-service’ options

Sponsored by

Your machine data knows things: Unlock it with Splunk and get game-changing insights—plus a critical resource to power AI. Tapping into machine data can boost your security and reliability. See more.

Just when you thought the cyberattack known as “pig butchering” couldn’t sound any worse, a new report from network security company Infoblox is spotlighting a new twist: pig butchering…as a service.

Pig butchering refers to a social-engineering attack that convinces victims to invest their money into fake investment platforms controlled by the scammer.

According to the Infoblox study released on Jan. 8, service providers operating in Southeast Asia are using “as-a-service” kits to expand the scam even more rapidly.

“These criminal gangs are not just doing this because it’s fun. They’re doing this because it’s very, very profitable, and there is very little law enforcement and very little risk for them being involved,” Maël Le Touz, senior threat researcher at Infoblox, told IT Brew.

How lucrative? This month, Chainanalysis estimated that cryptocurrency scams led to the theft of $17 billion in 2025. While pig butchering remains a “dominant” subtype of these scams, the blockchain data platform also noted that various types of impersonation attacks (like attackers posing as government organizations) are also in effect.

IT Brew has previously reported on the pig-butchering increase, and many experts say the US government isn’t doing enough to fight the threat.

According to Infoblox, the butchering is easier than ever with ready-made tools that can take over tedious aspects of scam life. As-a-service offerings include:

• Preregistered SIM cards
• Stolen social media accounts
• 4G and 5G routers
• Packages of stolen pictures used to lure victims, also known as “character sets”
• Fake but convincing finance applications
• Templates in multiple languages

“It takes a certain spirit to be able to lie and deceive people,” Le Touz said. “By using those ready-made tools, that enables a lot of people to be scammers. It lowers the entry barrier.”

As-a-service cyberattack models are not new, and now include ransomware, phishing, malware, and more. A pig-butchering-as-a-service (PBaaS) service could make scammers even more difficult to track down “because everybody’s using the same kit,” Le Touz said.

What to do about it. Understanding scammers and their preferred tools can help defenders tasked with protecting highly targeted personnel, according to Nick Hyatt, senior threat intelligence consultant at cybersecurity advisory GuidePoint Security. In an email to IT Brew, he added that such knowledge may assist IT pros in preemptively blocking suspect infrastructure.

For Hyatt, the “as-a-service” aspect of the threat isn’t unique to pig-butchering scams—it’s yet another example of cybercriminal organizations effectively adapting their infrastructure.

“If this weren’t specific to pig-butchering scams, it would be used for another offering. The infrastructure isn't reliant on the scam—if anything, the scam is reliant on the infrastructure,” Hyatt wrote to us.