Microsoft and DOJ Zap ONNX: 240 Phishing Domains Nuked!
Microsoft and the Justice Department seized over 240 domains from ONNX, a top phishing-as-a-service platform. Known for targeting Microsoft 365 accounts, ONNX offered “do it yourself” phishing kits. Their recent shutdown came after researchers unmasked its owner. ONNX’s operations used clever tricks like 2FA bypass and QR code phishing to fool victims.
Hot Take:
*In a world where phishing attacks are as common as cat memes, Microsoft and the Justice Department have donned their superhero capes once again, swooping in to save the day by seizing over 240 domains associated with the notorious ONNX phishing-as-a-service platform. ONNX, the phishing equivalent of a fast-food chain, offered “do it yourself” kits for aspiring cybercriminals, complete with a menu of subscription options. With QR code phishing and 2FA bypass mechanisms, ONNX was basically the Swiss Army knife of cybercrime. But fear not, for justice has prevailed, and the cyber baddies have been sent packing like a bad rom-com villain.*
Key Points:
- Microsoft and the Justice Department seized over 240 domains linked to the ONNX phishing platform.
- ONNX, formerly Caffeine, was the top phishing service targeting Microsoft 365 accounts in 2024.
- The platform offered subscription-based phishing kits, targeting major tech firms and financial entities.
- ONNX operations ceased after the owner’s identity was uncovered and disclosed.
- Microsoft previously disrupted other major cybercrime operations, continuing their digital crime-fighting spree.