Microsoft, Cloudflare shut down RaccoonO365 phishing domains

"The criminal operation sold subscriptions to its RaccoonO365 Suite of phishing kits, ranging from a 30-day plan for $335 to a 90-day subscription for $999, via a private Telegram channel with more than 850 members, according to separate blogs from Steven Masada, Microsoft's DCU assistant general counsel, and Cloudflare, which also participated in the website takedown."
"Since July 2024, these phishing kits have been used by other criminals to steal at least 5,000 Microsoft credentials from 94 countries, raking in at least $100,000 in cryptocurrency payments for Ogundipe and his affiliates, Masada said. 'We estimate that this amount reflects approximately 100-200 subscriptions, which is likely an underestimate of the total subscriptions sold,' he added."
"RaccoonO365's customers can use the service to input up to 9,000 target email addresses per day, bypass multi-factor authentication (MFA), steal user credentials, and gain persistent access to victims' systems. The stolen info and system access can then be sold to other criminals, and used for financial fraud, ransomware and extortion, and initial access from which to launch larger cyberattacks. Most recently, the criminal operation started advertising a new AI-powered service, RaccoonO365 AI-MailCheck, to scale attacks and boost their effectiveness."
Microsoft seized 338 websites tied to RaccoonO365 and identified Joshua Ogundipe as the leader of the phishing operation. The operation sold subscriptions to its RaccoonO365 Suite phishing kits via a private Telegram channel, with plans priced at $335 for 30 days and $999 for 90 days. Since July 2024, attackers using the kits have stolen at least 5,000 Microsoft credentials across 94 countries, and the operation has collected at least $100,000 in cryptocurrency. RaccoonO365 lets customers input up to 9,000 target email addresses per day, bypass MFA, steal credentials, and gain persistent access to victims' systems, which can then be resold or used for fraud, ransomware, and larger attacks. A court order allowed the seizure of the sites and a restraining order against Ogundipe and his associates.
Read at The Register