Microsoft Takes Down 240 Phishing Sites Linked to Egyptian Cybercriminal Abanoub Nady in Major Crackdown

Microsoft has taken significant action by removing at least 240 websites linked to Egyptian cybercriminal Abanoub Nady, marking a major step in a crackdown on phishing scams. Nady was reportedly behind the development and sale of phishing kits under the fraudulent brand ONNX, which were marketed and distributed through Telegram channels and social media platforms. These kits were primarily used in attacks targeting the financial sector, causing significant harm to victims.

Nady’s operation was a key player in the “Phishing-as-a-Service” (PhaaS) industry, where different tiers of phishing kits were sold to cybercriminals. The cost for these kits ranged from $150 per month for basic features to $550 for a six-month plan, which included advanced tools and lifetime support. Microsoft’s Digital Crimes Unit, in collaboration with the Linux Foundation, took action to disrupt these activities, aiming to make it more difficult for cybercriminals to operate by severing their access to the infrastructure needed for these scams.

The broader goal of Microsoft’s intervention is to increase the cost and difficulty of cybercrime, raising barriers for bad actors. The company’s focus on phishing scams aligns with its previous warnings earlier this year about the rise of “adversary-in-the-middle” (AiTM) attacks, which have surged by 146% in 2024. AiTM attacks are especially dangerous because they can bypass Multi-Factor Authentication (MFA) protections and steal sensitive data such as credentials and cookies.

In a related development, Meta (Facebook’s parent company) has intensified its crackdown on “pig-butchering” scams, which involve exploiting individuals with fake job offers to force them into working as online scammers. Meta has taken down over 2 million scam-related accounts as part of its ongoing efforts to protect users from various online fraud schemes.

Correspondent

Correspondent

Leave a Reply

Your email address will not be published. Required fields are marked *