Microsoft Disrupts RaccoonO365 Phishing Kit, Seizes 338 Malicious Sites
Microsoft revealed it has seized 338 websites associated with RaccoonO365, a phishing kit which has stolen at least 5000 Microsoft credentials worldwide
Seizure concerns the confiscation or disruption of devices, systems, or data, with implications for digital evidence, service access, and incident response.
Search across headline titles and summaries.
Background for this topic.
Seizure is the lawful taking or securing of devices, servers, domain names, accounts, cryptocurrency, or stored digital data by an authorized authority for an investigation or legal proceeding. In information-security reporting, the term usually concerns the acquisition of digital infrastructure or evidence, not a seizure-related medical event. Authorities may take physical equipment, redirect or disable online services, or obtain data from a provider under applicable legal process.
The security challenge is preserving evidence without changing it: investigators may document the chain of custody, isolate systems, and use forensic copies while protecting originals from alteration. Live systems can contain volatile evidence, while encryption, remote access, cloud tenancy, and deleted data complicate collection. Seized infrastructure may also contain unrelated customer or employee information, creating privacy and access-control obligations. For defenders, a seizure can interrupt services and signal an investigation; maintaining accurate asset ownership records, logs, backups, and documented legal or incident-response contacts helps establish what systems and data are affected.
Microsoft revealed it has seized 338 websites associated with RaccoonO365, a phishing kit which has stolen at least 5000 Microsoft credentials worldwide