Microsoft Takes Action Against Phishing-as-a-Service Platform

  /     /     /  
Publicated : 23/11/2024   Category : security


Microsoft Takes Action Against Phishing-as-a-Service Platform


The ONNX infrastructure has been servicing criminal actors as far back as 2017.



Microsoft seized 240 domains belonging to ONNX, a
phishing-as-a-service
platform that enabled its customers to target companies and individuals since 2017.
ONNX was the top adversary-in-the-middle (AitM) phishing service, according to 
Microsofts Digital Defense Report 2024,
 with a high volume of phishing messages during the first six months of this year. Millions of phishing emails targeted Microsoft 365 accounts each month, and Microsoft has apparently had enough.
ONNX promoted and sold phishing kits on Telegram using a subscription service model, which ranged from $150 to $550 a month.
The fraudulent ONNX operation offered phishing kits designed to target a variety of companies across the technology sector, including Google, Dropbox, Rackspace, and Microsoft, Microsoft said in its statement.
The attacks themselves are controlled through Telegram bots and come with built-in,
two-factor authentication (2FA) bypass mechanisms
. As of late, QR code phishing, also known as quishing, has also been enabled, targeting financial firms employees. ONNX uses bulletproof hosting services that allow delays in phishing domain takedowns, as well as encrypted JavaScript code that decrypts itself, all of which allows them to be highly effective in carrying out attacks and evading detection.
While todays legal action will substantially hamper the fraudulent ONNXs operations, other providers will fill the void, and we expect threat actors will adapt their techniques in response, 
stated Steven Masada
, assistant general counsel at Microsofts Digital Crimes Unit. However, taking action sends a strong message to those who choose to replicate our services to harm users online: we will proactively pursue remedies to protect our services and our customers and are continuously improving our technical and legal strategies to have greater impact.
A
full list of the 240 domains that were seized
is available online.

Last News

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Microsoft Takes Action Against Phishing-as-a-Service Platform