Microsoft disrupted the RedVDS cybercrime marketplace, linked to $40 million in fraud, by seizing key infrastructure and working with international law enforcement. RedVDS enabled mass phishing and account takeover campaigns, compromising over 191,000 organizations worldwide. The service sold access to Windows RDP servers, leaving behind technical indicators like a shared computer name and a cloned Windows Server 2022 image.
Microsoft Knocks Offline RedVDS Cybercrime Marketplace Linked to $40M in Fraud

