Today, Microsoft’s Digital Crimes Unit (DCU), in collaboration with The Linux Foundation, announced a decisive action against the cybercrime ecosystem by seizing 256 fraudulent websites linked to Egypt-based cybercriminal Abanoub Nady, also known as “MRxC0DER.”
Nady operated under brand names including “ONNX,” whose name and logo is trademarked with the LF (Linux Foundation) Projects LLC. ONNX, or Open Neural Network Exchange, is an open format built for both deep learning and traditional machine learning that enables interoperability between different frameworks, speeding AI innovation.
The fraudulent website impersonating ONXX sold phishing kits that enabled cybercriminals to execute large-scale phishing campaigns. These tools, part of the Phishing-as-a-Service (PhaaS) industry, targeted various sectors, including financial services, resulting in significant financial losses for victims.
The operation also highlights the sophistication of emerging threats, such as adversary-in-the-middle (AiTM) phishing, which bypasses multifactor authentication (MFA), and a surge in QR code phishing (“quishing”) attempts. These techniques demonstrate how cybercriminals continue to evolve their methods to exploit vulnerabilities.
This legal action redirects malicious infrastructure to Microsoft, severing cybercriminals’ access and protecting users globally. It also addresses the misuse of the “ONNX” trademark, safeguarding its reputation as an open-source AI ecosystem supported by The Linux Foundation.
While this marks a critical step in disrupting cybercrime operations, Microsoft emphasizes the need for continued vigilance, robust security measures, and collaborative efforts to combat future threats.
Read the full story from Microsoft here to learn more about this impactful action and its implications for global cybersecurity.
