Agency News
'Why buy a network that even Dentsu couldn’t fix?': Inside the gamble of Dentsu's international arm sale
Microsoft seizes 340 domains linked to Raccoon0365; Phishing-as-a-service nets $100k
Microsoft, with support from Cloudflare and the U.S. Secret Service, has dismantled Raccoon0365, a Nigerian-run phishing-as-a-service network. The takedown seized 340 domains linked to campaigns stealing 5,000+ credentials, impacting sectors from healthcare to finance, and generating $100,000 in crypto.
Raccoon0365, operating via a private Telegram group with over 850 paying subscribers, allowed users to mimic trusted brands and trick victims into handing over Microsoft login credentials.
Microsoft has shut down nearly 340 websites linked to Raccoon0365, a fast-growing phishing service run from Nigeria that enabled even low-skilled actors to launch large-scale cyberattacks, the company revealed Tuesday, Reuters reported.
The takedown, carried out with the backing of a U.S. District Court order in Manhattan, underscores the industrialization of phishing, where turnkey subscription services lower the barrier for cybercrime.
Raccoon0365, operating via a private Telegram group with over 850 paying subscribers, allowed users to mimic trusted brands and trick victims into handing over Microsoft login credentials. According to Microsoft’s Digital Crimes Unit, the service harvested at least 5,000 user credentials and generated more than $100,000 in cryptocurrency payments since its launch in July 2024.
“Cybercriminals don’t need to be sophisticated to cause widespread harm,” said Steven Masada, assistant general counsel for Microsoft. “Simple tools like Raccoon0365 make cybercrime accessible to virtually anyone, putting millions of users at risk.”
Microsoft identified Joshua Ogundipe of Nigeria as the ringleader. Court filings detail how the service targeted industries ranging from finance to healthcare, with a concentrated wave of tax-themed phishing attacks hitting 2,300 U.S. organizations in February 2025 alone.
The healthcare sector has been a particular victim. Errol Weiss, chief security officer of Health-ISAC, Microsoft’s co-plaintiff, confirmed that at least five healthcare organizations suffered successful credential breaches via Raccoon0365 campaigns. “Once a cybercriminal has access to a network, it’s only up to their imagination how they monetize it,” Weiss warned.
Cloudflare, which had unwittingly hosted parts of Raccoon0365’s backend, joined forces with Microsoft and the U.S. Secret Service to dismantle the infrastructure and prevent new accounts from being created.
Security experts say the case highlights how phishing-as-a-service has become a democratized business model, where tools are sold cheaply and at scale, turning ordinary users into cybercriminals.
SPOTLIGHT
According to LinkedIn’s research with over 1,700 B2B tech buyers, video storytelling has emerged as the most trusted, engaging, and effective format for B2B marketers. But what’s driving this shift towards video in B2B? (Image Source: Unsplash)
Read MoreExplained: Standing Committee’s draft report on India’s fight against Fake News
India’s parliamentary panel warns fake news threatens democracy, markets and media credibility, urging stronger regulation, fact-checking, AI oversight and global cooperation.