Microsoft's Digital Crimes Unit and LF Projects have collaborated to dismantle the Egyptian ONNX phishing-as-a-service platform through the seizure of 240 websites that provided phishing kits enabling Microsoft account compromise, as well as legal action against its five admins, including Abanoub Nady, also known as MRxC0DER, reports The Record, a news site by cybersecurity firm Recorded Future.
Organizations in the financial services sector have been the primary targets of ONNX, whose Telegram-based operations were cut off following a court order that allowed Microsoft to transfer the PhaaS platform's infrastructure to its servers, according to Microsoft Digital Crimes Unit Assistant General Counsel Steven Masada, who also noted that Nady has been monitored by Microsoft for the past seven years. "Effectively combatting cybercrime requires persistence and ongoing vigilance to disrupt new malicious infrastructure. While today's legal action will substantially hamper the fraudulent ONNX’s operations, other providers will fill the void, and we expect threat actors will adapt their techniques in response," said Masada.