Microsoft Zaps ONNX Phishing: 240 Sites Seized, Egyptian Mastermind Unmasked
Microsoft seized 240 sites from the ONNX phishing service, led by an Egyptian man, Abanoub Nady, known as MRxC0DER. This action disrupts cybercrime and halts the use of these domains for phishing attacks, proving once again that even cybercriminals can’t escape Microsoft’s watchful eye.
Hot Take:
Microsoft just played whack-a-mole with 240 malicious websites, and it looks like they’ve hit the jackpot! While the rest of us were struggling to remember our passwords, Abanoub Nady—aka MRxC0DER—was busy selling do-it-yourself phishing kits like they were the hottest item on Etsy. But thanks to Microsoft’s Digital Crimes Unit, Nady will have to find a new hobby. Let’s hope he doesn’t turn to knitting—it would be a shame for all those wool sweaters to have malware embedded. Talk about itchy!
Key Points:
- Microsoft seized 240 sites used by the ONNX phishing service.
- An Egyptian man, Abanoub Nady, was identified as the operator behind ONNX.
- ONNX phishing kits were sold as a service, facilitating large-scale credential theft.
- Phishing kits bypass MFA by stealing credentials and session cookies.
- Microsoft redirected malicious infrastructure to stop future phishing attacks.