Microsoft said on Tuesday that it seized 338 websites related to a Nigerian-based service, which allowed users to run a fishing campaign
According to general lawyer Steven Masada, assistant to Microsoft’s Digital Crime Unit, a service called “Raccoon0365” allowed users to engage in fishing operations, including thousands of emails at a time.
Fishing operations stole a 5,000 Microsoft user Creditia lease.
Fishing is a cybercrime in which criminals replicate reliable domains to disintegrate users in revealing sensitive information such as passwords or banking details.
How did the fishing plan work?
Raccoon0365 operates through a private telegram channel with more than 850 customers.
Service enables users to apply brand names and achieve the goal to enter Microsoft login details on fake microsoft platforms. For Masada of Microsoft, Seva has performed at least $ 100,000 (€ 84.425) in cryptocurrency payment for its operators launching its operators Sion in July 2024.
Masada said Raccoon0365 users targeted a wide range of industries, a significant number of organizations located in New York City, Masada said.
How did Microsoft seize Raccoon0365?
For Masada, Microsoft identified what it was said in April, according to a company blog, in February this year, there was a Raccoon0365-related effort using the Fishing Fishing email to target more than 2,300 organizations.
Earlier this month, Microsoft ordered the seizure of domains associated with Raccoon0365 from the US district court in Manhattan. Websites were confiscated during the period of days earlier this month.
“There is no need to refine to cause widespread damage to the cyber criminal,” Masada said. “Simple tools such as raccoon0365 virtually make cybercrime accessible to anyone, putting millions of users at risk,” he said.
Raccoon0365 operators used cloudflare services to help hide the backnd infrastructure of the service. Cloudflare worked to reduce Raccoon0365 operations with microsoft and US secret service and prevent operators from installing new accounts.
Blake Darche, head of the threat in Cloudflair, said Blake Darche said they were highly effective when Raccoon0365 operators made some operational security mistakes.
“They are in people’s accounts, they compromise many people, and need to stop it clearly,” Heer said.