Outsider provided phishing kits and infrastructure for cybercriminals to scam victims with lures claiming they missed packages, had unpaid tolls or parking violations.
Kali365, which was first observed in April, abuses legitimate Microsoft device authorization pages to grant persistent access to cybercriminal-controlled applications.
Cybercrime groups, including one that identifies as ShinyHunters, are targeting single sign-on services to gain access to victim networks and steal data.
A wave breaks against a pier and a lighthouse as storm Ana smashes into France in Cassis on December 11, 2017, southeastern France. (Photo by BORIS HORVAT / AFP) (Photo by BORIS HORVAT/AFP via Getty Images)
The China-linked operation has grown from a phishing kit marketplace into an active and growing community supporting a decentralized large-scale phishing ecosystem.
The company acted on a court order and collaborated with Cloudflare to seize RaccoonO365’s infrastructure, which was used to steal credentials from organizations in 94 countries.
A seal for the Department of Justice is seen on a podium ahead of a news conference with U.S. Attorney General Merrick Garland at the Department of Justice Building on March 21, 2024 in Washington, DC. (Photo by Anna Moneymaker/Getty Images)
