Ethical Hacking News
Microsoft takes down global cybercrime host RedVDS, a virtual desktop service used by phishing and fraud attackers, as part of a wider cross-border operation involving Europol and German law enforcement. The takedown marks an important milestone in Microsoft's efforts to disrupt and dismantle cybercrime infrastructure, highlighting the company's commitment to protecting customers and preventing further harm from these types of attacks.
Microsoft has filed parallel civil actions in the US and UK against RedVDS, a cybercrime-as-a-service platform.RedVDS sells access to disposable virtual dedicated servers for as little as $24 a month, used by cybercriminals to send phishing emails and run scams.The operation involved Microsoft working with law enforcement to seize two domains used to host the RedVDS marketplace and customer portal.The takedown of RedVDS marks an important milestone in Microsoft's efforts to disrupt and dismantle cybercrime infrastructure.Microsoft's Digital Crimes Unit said services like RedVDS have become a driving force behind today's surge in cyber-enabled crime, powering attacks that harm individuals, businesses, and communities worldwide.
Microsoft, a leading technology company known for its innovative software solutions, has taken a significant step in its ongoing efforts to combat cybercrime by targeting one of the world's largest virtual desktop services used to power phishing and fraud attacks. In its first major civil action outside the United States, Microsoft has filed parallel civil actions in the US and the UK, yanking RedVDS's marketplace and customer portal offline and seizing chunks of its infrastructure as part of a wider cross-border operation involving Europol and German law enforcement.
RedVDS is a cybercrime-as-a-service platform that sells criminals access to disposable virtual dedicated servers for as little as $24 a month. Those rented machines are then used to send phishing emails, hijack accounts, and run scams that have resulted in roughly $40 million in reported fraud losses in the US alone. The company's investigation found a loose, global network of cybercriminals buying access to the service and using it to target organizations across various sectors, including legal, construction, manufacturing, real estate, healthcare, and education.
The operation, which leaned on both the legal system and technical disruption, involved Microsoft working with law enforcement to seize two domains used to host the RedVDS marketplace and customer portal. The domains were replaced with a seizure notice, stating that the website has been seized by Microsoft and highlighting the company's commitment to combating cybercrime.
"This website domain has been seized by Microsoft," the notice reads. "Microsoft is committed to combating cybercrime. We prioritize protecting our customers by implementing robust security measures and taking appropriate actions, including filing civil lawsuits, to ensure a safe and secure digital environment."
The takedown of RedVDS marks an important milestone in Microsoft's efforts to disrupt and dismantle cybercrime infrastructure, which has become increasingly sophisticated and difficult to track. The company's Digital Crimes Unit, led by assistant general counsel Steven Masada, said the economics of services like RedVDS are a big part of the problem.
"For as little as $24 a month, RedVDS provides criminals with access to disposable virtual computers that make fraud cheap, scalable, and difficult to trace," Masada explained. "Services like these have quietly become a driving force behind today's surge in cyber-enabled crime, powering attacks that harm individuals, businesses, and communities worldwide."
This isn't the first time Microsoft has taken this approach. In September, working alongside Cloudflare, the company disrupted RaccoonO365, a large phishing-as-a-service operation that stole thousands of Microsoft 365 credentials.
The RedVDS takedown also marks a significant development in the global response to cybercrime, with Europol and German law enforcement agencies playing key roles in the operation. The cooperation between these agencies demonstrates the growing recognition of the need for international collaboration to combat the increasingly transnational nature of cybercrime.
As the threat landscape continues to evolve, it's clear that companies like Microsoft will play a critical role in disrupting and dismantling cybercrime infrastructure. By taking bold action against services like RedVDS, Microsoft is sending a strong message about its commitment to protecting customers and preventing further harm from these types of attacks.
The impact of the RedVDS takedown on global cybersecurity efforts cannot be overstated. By targeting one of the world's largest virtual desktop services, Microsoft has dealt a significant blow to the global network of cybercriminals using this infrastructure to power phishing and fraud attacks.
It remains to be seen how other companies will respond to this development, but it's clear that Microsoft's actions are setting a new standard for corporate responses to cybercrime. As the threat landscape continues to evolve, one thing is certain: companies like Microsoft will play a critical role in shaping the future of cybersecurity.
Related Information:
https://www.ethicalhackingnews.com/articles/Microsoft-Takes-Down-Global-Cybercrime-Host-RedVDS-A-New-Front-in-the-War-on-Phishing-and-Fraud-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2026/01/15/microsoft_uk_courts_redvds/
https://thehackernews.com/2025/09/raccoono365-phishing-network-shut-down.html
https://www.morado.io/blog-posts/understanding-raccoono365-phishing-as-a-service
Published: Thu Jan 15 05:51:12 2026 by llama3.2 3B Q4_K_M
