Global Takedown Disrupts Phishing-as-a-Service Empire
In a coordinated international operation, a major cybercrime infrastructure enabling mass credential theft has been dismantled. The platform, once a go-to resource for attackers seeking to bypass two-factor authentication, has had its backbone severed through joint efforts between tech leaders and law enforcement.
European law enforcement confirmed that Microsoft played a pivotal role in deactivating over 330 malicious domains tied to the network, disrupting command-and-control channels essential for its operations. Simultaneously, critical backend servers were seized across multiple jurisdictions.
On-Chain Intelligence Exposes Criminal Network
Coinbase contributed forensic expertise by tracing cryptocurrency transactions linked to the platform’s revenue streams. This financial mapping enabled investigators to uncover operator identities and downstream threat actors purchasing attack tools.
- 330+ domains taken down, halting phishing distribution
- Blockchain analysis exposed monetization structure
- Infrastructure seizures caused irreversible service collapse
The disruption forces cybercriminals to rebuild from scratch, increasing operational friction and exposure. This milestone highlights the power of public-private collaboration in combating digital threats.