Tech

Microsoft targets Egyptian linked to DIY phishing kits

Share
Share
cybercrime
Credit: Pixabay/CC0 Public Domain

Microsoft announced Thursday it has seized 240 fraudulent websites tied to an Egyptian cybercrime operation that sold do-it-yourself phishing kits used to steal user credentials and bypass security measures.

The tech giant’s Digital Crimes Unit identified Abanoub Nady, known online as “MRxC0DER,” as the alleged operator behind the scheme which fraudulently used the “ONNX” brand name to market and sell phishing tools through online storefronts.

The operation was among the top five providers of phishing kits by email volume in early 2024, contributing significantly to the millions of phishing messages Microsoft detects monthly, the company said.

It obtained a court order from a US federal court in Virginia to redirect the malicious website infrastructure to Microsoft’s control, effectively shutting down the operation.

Microsoft filed the case jointly with the Linux Foundation, which owns the legitimate ONNX trademark as an open-source machine learning platform.

According to Microsoft, the kits enabled sophisticated “adversary-in-the-middle” attacks that can bypass multifactor authentication.

These attacks have surged in recent months, with criminals increasingly using QR codes to direct victims to fake login pages.

While primarily targeting financial services firms, the phishing campaigns affected users across all sectors.

“A successful phish can have devastating real-world consequences for the victims… including life savings, which, once stolen, can be very difficult to recover,” Microsoft said.

The Egyptian operation had been active since 2017, offering subscriptions with technical support for cybercriminals.

© 2024 AFP

Citation:
Microsoft targets Egyptian linked to DIY phishing kits (2024, November 21)
retrieved 21 November 2024
from

This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no
part may be reproduced without the written permission. The content is provided for information purposes only.

Share

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Articles
The tech behind sportswear at the Australian Open
Tech

The tech behind sportswear at the Australian Open

Credit: Pixabay/CC0 Public Domain When a tennis player serves at 200km/h in...

When does an actor stop, and AI begin? What ‘The Brutalist’ and ‘Emilia Pérez’ tell us about AI in Hollywood
Tech

When does an actor stop, and AI begin? What ‘The Brutalist’ and ‘Emilia Pérez’ tell us about AI in Hollywood

Credit: Pixabay/CC0 Public Domain “The Brutalist” has drawn attention this week for...

Researchers create dual purpose fire sensor
Tech

Researchers create dual purpose fire sensor

Graphical abstract. Credit: Chemical Engineering Journal (2025). DOI: 10.1016/j.cej.2025.159281 Various clean energy...