The Nigerian police arrested three individuals linked to targeted Microsoft 365 cyberattacks via Raccoon0365 phishing platform.
The attacks led to business email compromise, data breaches, and financial losses affecting organizations worldwide.
The law enforcement operation was possible thanks to intelligence from Microsoft, shared with the Nigeria Police Force National Cybercrime Centre (NPF–NCCC) via the FBI.
The authorities identified individuals who administered the phishing toolkit ‘Raccoon0365,’ which automated the creation of fake Microsoft login pages for credential theft.
The service, which was responsible for at least 5,000 Microsoft 365 account compromises across 94 countries, was disrupted by Microsoft and Cloudflare last September.
It is unclear if the disruption operation helped identify those behind Raccoon0365 in Nigeria.
BleepingComputer contacted Microsoft for clarifications but a comment wasn't immediately available.
“Acting on precise and actionable intelligence, NPF–NCCC operatives were deployed to Lagos and Edo States, leading to the arrest of three suspects,” reads the police’s announcement.
“Search operations conducted at their residences resulted in the recovery of laptops, mobile devices, and other digital equipment, which have been linked to the fraudulent scheme after forensic analysis.”
One of the arrested suspects is an individual named Okitipi Samuel, also known online as “RaccoonO365” and “Moses Felix,” whom the police believe is the developer of the phishing platform.
... continue reading