Security Stop Press: Microsoft Disrupts 240 Phishing Sites Amid Surge in AiTM Attacks

Written by Pronetic

Pronetic is a leading provider of core IT support for ISO 27001, Cyber Essentials and Cyber Essentials Plus compliance.

December 4, 2024

Microsoft’s Digital Crimes Unit (DCU) has reported dismantling 240 fraudulent websites linked to an Egypt-based cybercrime group, thereby disrupting a key operation within the expanding “Phishing-as-a-Service” (PhaaS) industry.

Central to the threat is the rapid rise of “Adversary-in-the-Middle” (AiTM) phishing attacks, which allow attackers to intercept and manipulate communications, bypassing multifactor authentication (MFA) protections. Microsoft’s latest report revealed a 146 per cent surge in AiTM attacks in 2024, as these techniques become the favoured method for breaching secure accounts. The fraudulent ONNX operation, led by Abanoub Nady (“MRxC0DER”), leveraged AiTM tactics alongside “do-it-yourself” phishing kits to execute widespread attacks, heavily targeting the financial sector.

The kits, sold under a fraudulent ONNX brand, enabled criminals to scale their operations, bypassing advanced security measures. Distributed via platforms like Telegram, the kits followed a subscription model with varying levels of support, including step-by-step guidance. Phishing campaigns originating from these kits were among the top five globally by email volume this year, highlighting the threat’s scale and sophistication.

By obtaining a court order to take control of the malicious infrastructure, Microsoft, in partnership with LF Projects, has disrupted the operation, severing access for cybercriminals and sending a strong deterrent message.

Organisations can protect themselves by adopting advanced email filtering, deploying layered MFA solutions, and ensuring regular cybersecurity training. Vigilance and proactive defences remain critical in countering these increasingly sophisticated phishing techniques.
