Microsoft and European Police Successfully Shut Down RedVDS, the World's Cybercrime Center

Microsoft shuts down cybercrime support infrastructure services (photo: dok. unsplash)

Microsoft and European police shut down RedVDS, a site that provides infrastructure for various cybercrime activities. In this operation, Microsoft managed to seize a website that was considered dangerous.

Launching from PC Mag, the main domain of RedVDS is used to facilitate hacking attacks around the world. The RedVDS platform is known to have been operating since 2017 by offering cheap access to Windows virtual machines.

Hackers only need to pay starting from 24 US dollars (Rp405 thousand) per month to launch a mass phishing attack. According to official reports, more than 2,600 virtual machines from this site are capable of sending one million fraudulent messages every day.

The attack targeted Microsoft customers with the aim of stealing passwords to spread malicious malware. German police said that RedVDS had a very large user base of more than 13,000 people.

"In just one month, more than 2,600 different RedVDS virtual machines sent an average of one million phishing messages per day to Microsoft customers alone," Microsoft wrote in its official statement, quoted on Saturday, January 16.

The modus operandi that criminals often commit is business email fraud by hijacking company executives' accounts to deceive employees. In addition, the real estate sector is often the main target in this attack.

Since September 2025, more than 191,000 organizations worldwide have been victims of illegal access due to RedVDS infrastructure. The most severe impact is reported in the construction, manufacturing, health, and legal services sectors in various countries.

Now, the site's main domain has been replaced with an official seizure announcement from Europol and law firm Orrick. Even so, the public is urged to remain vigilant against suspicious emails even if the messages that come look like they are from an official source.