Microsoft takes control of websites suspected in Nigeria-based email scams
In a significant move against cybercrime, the authorities have successfully taken down the Raccoon0365 phishing operation. The operation, linked to a Nigeria-based group, was known for impersonating trusted brand names and deceiving users into revealing sensitive information, particularly Microsoft 365 login details.
The takedown involved seizing Raccoon0365's associated domains through a court order in the US District Court in Manhattan, and shutting the domains down by seizing the domain registrar accounts and collaborating with hosting providers to suspend them.
Microsoft 365 played a crucial role in this operation, working alongside Cloudflare and the US Secret Service to ensure the operators could not establish new accounts. Raccoon0365 operators had been active since at least July 2024, generating at least $100,000 (€84,425) in cryptocurrency payments.
The phishing operation used a private Telegram channel with over 850 subscribers and targeted more than 2,300 organizations, primarily in the US, with a significant number of victims based in New York City. The scheme resulted in the theft of at least 5,000 Microsoft 365 user credentials.
The Raccoon0365 operators used Cloudflare services to help conceal the service's backend infrastructure, but their operational security mistakes were their undoing. Despite the operators' effectiveness in compromising accounts and causing harm, the Raccoon0365 websites were seized over a period of days earlier this month.
Blake Darche, the head of threat intelligence at Cloudflare, emphasised the need to stop the Raccoon0365 operations due to the number of accounts compromised and the harm caused. He stated, "Phishing is a serious threat, and it's crucial we take action to protect users and businesses from such attacks."
Phishing, as a cybercrime, involves impersonating trustworthy domains to deceive users into revealing sensitive information. It's a reminder for everyone to be vigilant when online and to never reveal personal or sensitive information unless absolutely certain of the authenticity of the request.