ATLA WIRE

Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud

16.01.2026
5187
Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud
Microsoft shut down RedVDS, a crimeware subscription service used for phishing and BEC fraud, linked to $40M U.S. losses and 191,000 affected orgs.

Microsoft Just Took Down a Massive Cybercrime Service — RedVDS Is Toast

Microsoft just dropped the legal hammer on RedVDS, a full-service cybercrime platform that was basically Crimeware-as-a-Service for scammers. They got a court order to seize the infrastructure — servers, domains, the whole shebang — and shut it down cold.
RedVDS was a subscription-based service that let cybercriminals rent out virtual private servers (VPS) to launch phishing campaigns, business email compromise (BEC) attacks, and other fraud ops. Think of it as AWS for bad actors — but way sketchier.
The damage? Massive. Microsoft’s Digital Crimes Unit traced over $40 million in losses in the U.S. alone, with more than 191,000 organizations hit worldwide. That’s not just big numbers — that’s real businesses getting drained.
  • RedVDS operated as a Crimeware-as-a-Service (CaaS) platform, offering VPS hosting specifically for cybercrime.
  • The service was heavily used for phishing and BEC fraud, allowing attackers to impersonate legitimate companies and trick victims into wiring money.
  • Microsoft obtained a court order to seize RedVDS infrastructure, effectively taking down its servers and domains.
  • The platform is linked to over $40 million in U.S. financial losses and impacted more than 191,000 organizations globally.
  • This action is part of Microsoft’s ongoing legal efforts to disrupt cybercrime ecosystems and protect customers from fraud.
This isn’t Microsoft’s first rodeo. They’ve been going hard after cybercrime infrastructure for years, using legal takedowns to dismantle botnets, malware networks, and now full-blown crimeware platforms. It’s a clear message: if you build tools for fraud, they’re coming for your servers.
The takedown highlights how cybercrime has evolved into a service economy. RedVDS lowered the barrier to entry, letting even low-skilled attackers rent infrastructure for sophisticated fraud. Microsoft’s move cuts off a key resource — but you know the underground will adapt. Stay vigilant, patch your systems, and maybe don’t wire money based on an email from “your CEO.”
#malware#cybercrime#cyber threats#court order#phishing
Got a topic? Write to ATLA WIRE on Telegram:t.me/atla_community
Banner | ATLA WIRE