Microsoft has seized 338 phishing websites associated with a cybercrime service that targeted at least 20 U.S. healthcare organizations.
Using a court order granted by the U.S. District Court for the Southern District of New York, the tech giant’s Digital Crimes Unit disrupted RaccoonO365, which offers subscription-based phishing kits allowing novices to mimic official Microsoft communications to steal Microsoft 365 usernames and passwords. The company also identified the cybercriminal group’s leader as an individual based in Nigeria.
Microsoft filed its lawsuit in partnership with global cybersecurity nonprofit Health-ISAC because the tool has been deployed against so many hospitals.
“This puts public safety at risk, as RaccoonO365 phishing emails are often a precursor to malware and ransomware, which have severe consequences for hospitals,” Microsoft said in a Sept. 16 news release. “In these attacks, patient services are delayed, critical care is postponed or canceled, lab results are compromised, and sensitive data is breached, causing major financial losses and directly impacting patients.”
The post Microsoft seizes 338 phishing websites targeting hospitals appeared first on Becker’s Hospital Review | Healthcare News & Analysis.
Health IT
