Microsoft Takes Down Global Phishing Network in Major Cybersecurity Operation

Microsoft's Digital Crimes Unit has dealt a major blow to cybercrime by taking down over 240 websites connected to an Egyptian cybercriminal's phishing operation. The sites were part of a fraudulent enterprise operating under the ONNX brand name, which sold sophisticated phishing toolkits targeting the financial sector.

The operation's mastermind, identified as Abanoub Nady, had developed a tiered business model offering various levels of phishing tools. The basic package started at $150 monthly, while more comprehensive options reached $550 for six months of service, complete with lifetime support and specialized features like Office Email Checker capabilities.

Nady marketed these criminal tools through Telegram and social media channels as part of the growing "Phishing-as-a-Service" (PhaaS) industry. This business model allows cybercriminals to purchase ready-made phishing kits rather than developing their own attack infrastructure.

The takedown comes as Microsoft reports a troubling 146% surge in "adversary-in-the-middle" (AiTM) phishing attacks during 2024. These sophisticated attacks can circumvent multi-factor authentication systems to steal user credentials and cookies.

Microsoft emphasized that its enforcement action aims to disrupt cybercriminals by cutting off their operational infrastructure while making future attacks more costly and difficult to execute. The tech giant worked alongside the Linux Foundation in this enforcement initiative.

In a parallel development, Meta has intensified its fight against online fraud, removing over 2 million accounts linked to "pig-butchering" scams that exploit victims through fake job offers and force them into fraudulent schemes.

The crackdown represents a strong pushback against the commercialization of cybercrime tools and highlights the growing collaboration between tech companies in combating online threats.