Microsoft has seized 330 phishing websites tied to a Nigerian-based syndicate accused of stealing more than 5,000 user credentials across industries worldwide.
The takedown, announced Tuesday, followed a US court order enabling Microsoft to disable domains linked to the group known as Raccoon0365.
How the Hack Worked
The group allegedly ran phishing campaigns impersonating Microsoft log-in pages. Using Telegram channels with over 850 subscribers, they lured victims into entering credentials and siphoned data at scale. Investigators said the syndicate earned over $100,000 in cryptocurrency since July 2024.
Global Shockwaves
Targets included banks, law firms, and public institutions in New York and beyond. Microsoft said the operation’s simplicity made it dangerous, giving “virtually anyone” access to phishing tools. Cloudflare and the US Secret Service joined the takedown effort, dismantling the group’s backend infrastructure.
Why It Matters for Nigeria
The bust spotlights Nigeria’s ongoing struggle with cybercrime perceptions. While local startups drive fintech innovation, criminal networks risk staining the country’s global digital reputation. Experts warn of heightened scrutiny for Nigerian tech hubs as regulators push for stronger cybersecurity laws.
Microsoft vowed continued monitoring of cybercrime rings, saying “simple tools can cause widespread harm.” For Nigeria, the fight against digital fraud is only just beginning.
This is IDNN. Independent. Digital. Uncompromising.