Microsoft DCU makes use of UK courts to seek out cyber criminals
In its first ever main authorized motion exterior the US, Microsoft’s Digital Crimes Unit (DCU) has disrupted cyber crime-as-a-service community RedVDS – whose subscribers have cheated their victims out of thousands and thousands of kilos – after acquiring separate courtroom orders within the UK and Florida.
The DCU turned to the British authorized system as a result of the malicious infrastructure used to run RedVDS was hosted by a UK-based supplier. A large number of victims of RedVDS customers, nicely over 7,500, are additionally situated within the UK, it stated.
“Cyber crime at present is powered by shared infrastructure, which suggests disrupting particular person attackers isn’t sufficient. By means of this coordinated motion, Microsoft has disrupted RedVDS’s operations, together with seizing two domains that host the RedVDS market and buyer portal, whereas additionally laying the groundwork to determine the people behind them,” stated Microsoft DCU assistant normal counsel, Stephen Masada.
The takedown operation drew Europol’s European Cybercrime Centre (EC3), with additional assist supplied by the German authorities by the Central Workplace for Combating Web Crime (ZIT) on the Public Prosecutor’s Workplace within the metropolis of Frankfurt-am-Principal, and the Felony Police Workplace for the state of Brandenburg.
On the time of writing, the RedVDS web site states that its area has been seized by Microsoft.
Industrialised fraud
The RedDVS cyber prison service charged as little as $24 (£18) monthly to offer digital fraudsters with entry to disposable digital computer systems used to scale fraud operations cheaply and securely.
The DCU believes RedVDS customers have compromised greater than 191,000 organisations worldwide since September 2025 and netted over $40m within the US alone, with outstanding victims together with Alabama-based H2-Pharma, a provider of allergy, most cancers and psychological well being drugs, which misplaced $7.3m; and Florida-based Gatehouse Dock Condominium Affiliation, which was tricked out of $500,000 it had put aside for repairs to its members’ properties.
The service was used for a variety of cyber prison exercise, together with working phishing campaigns, internet hosting malicious infrastructure and facilitating fraud. It was typically used alongside generative AI (GenAI) instruments to assist determine extra targets faster, generate extra convincing lures, and in some circumstances to govern video footage or clone voices.
Nevertheless, the place RedVDS appeared to excel was in supporting enterprise e-mail compromise (BEC) the place cyber criminals impersonate trusted people to ship funds to accounts they management.
Specifically, its customers focused the true property sector, compromising the accounts of property brokers, escrow brokers or title firms. The DCU believes that as many as 9,000 clients in the true property trade, most in Australia and Canada, had been affected by this exercise to some extent.
Masada stated the DCU’s newest motion constructed on ongoing efforts to disrupt fraud and rip-off infrastructure through each authorized and technical actions, and thru world collaboration.
“It marks the thirty fifth civil motion focusing on cyber crime infrastructure by Microsoft’s Digital Crimes Unit, underscoring a sustained technique to transcend particular person takedowns and dismantle the companies that criminals depend on to function and scale,” he stated.
“As companies like RedVDS proceed to emerge, Microsoft will maintain working with companions throughout sectors and borders to determine and disrupt the infrastructure behind cyber-enabled fraud, making it tougher for criminals to revenue and simpler for folks and organisations to remain protected on-line.”
