- Microsoft, Europol, and German police dismantle RedVDS cybercrime infrastructure
- RedVDS enabled phishing, BEC, and malware via cheap disposable Windows cloud servers
- Platform caused $40M losses in 2025; criminals used AI for phishing and deepfakes
Microsoft has said it helped disrupt a major cybercriminal platform that was operating in the US and the UK, causing millions of dollars in damages to different businesses.
In an announcement Microsoft said that together with Europol and German law enforcement, it successfully seized the infrastructure used by RedVDS, a cheap platform that facilitated phishing, business email compromise, malware distribution, and more.
“For as little as $24 a month, RedVDS provides criminals with access to disposable virtual computers that make fraud cheap, scalable, and difficult to trace,” Microsoft said in its announcement. “Services like these have quietly become a driving force behind today’s surge in cyber‑enabled crime, powering attacks that harm individuals, businesses, and communities worldwide.”
Millions in damages
Microsoft explained that RedVDS sold access to virtual Windows cloud servers. All VMs came from a single Windows Server 2022 image, leaving a unique fingerprint that the researchers were able to track.
It rented servers from hosting providers across the US and Europe, giving cybercriminals the ability to use IP addresses close to their targets and thus evade location-based security filters.
Besides Microsoft, several private businesses have also joined as co-plaintiffs, including H2-Pharma and the Gatehouse Dock Condominium Association. The former claims to have lost $7.3 million in a Business Email Compromise (BEC) attack, while the latter says it lost almost $500,000 in residential funds.
In 2025 across the United States alone, RedVDS facilitated losses of at least $40 million, Microsoft concluded. In Canada and Australia, more than 9,000 customers were scammed.
Microsoft also discovered that RedVDS customers would use Generative AI to create believable phishing emails, as well as other advanced tools for face-swapping, video manipulation, and voice cloning.
On average, the crooks would send more than a million phishing emails every month, to Microsoft customers alone, compromising roughly 200,000 of them in less than half a year.
Via BleepingComputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
https://cdn.mos.cms.futurecdn.net/3ntZVgXDfQyTqCaLkpbyih-1920-80.jpg
Source link
