Microsoft says it has dismantled a major cybercrime service blamed for fueling tens of millions of dollars in fraud losses by launching coordinated legal and law-enforcement actions in the United States and the United Kingdom.
The company announces it has taken RedVDS, a global cybercrime subscription service, offline as part of a joint operation with international authorities, including German law enforcement and Europol.
RedVDS operated as a cybercrime-as-a-service platform, selling criminals access to disposable virtual computers that made fraud cheap, scalable and difficult to trace. Microsoft says subscriptions start at as little as $24 per month.
According to Microsoft, RedVDS-enabled activity has driven roughly $40 million in reported fraud losses in the United States alone since March 2025, with the true global toll believed to be significantly higher due to underreporting.
One of the named victims is H2-Pharma, an Alabama-based pharmaceutical company that lost more than $7.3 million intended to support cancer treatments, mental health medications and children’s allergy drugs. A Florida-based condominium association, Gatehouse Dock, was also defrauded of nearly $500,000 earmarked for building repairs.
Microsoft says both organizations are joining the company as co-plaintiffs in the civil action aimed at dismantling the infrastructure behind RedVDS.
The tech giant describes RedVDS as a key enabler of modern fraud schemes, providing unlicensed virtual machines that allow attackers to send mass phishing emails, host scam infrastructure and pivot quickly across borders and platforms.
Microsoft says the service is frequently paired with generative AI tools that help criminals identify high-value targets and generate more convincing email threads and messages. In hundreds of cases, attackers also used face-swapping, video manipulation and voice-cloning tools to impersonate real individuals.
One of the most common attack patterns tied to RedVDS is payment diversion fraud, also known as business email compromise. In these schemes, attackers monitor email conversations and impersonate trusted parties at critical moments to redirect payments, often moving stolen funds within seconds.
Microsoft says the takedown represents a major step toward disrupting AI-enabled fraud networks, but warned that cybercriminals continue to adapt rapidly, making sustained collaboration between technology companies and law enforcement essential.
Disclaimer: Opinions expressed at CapitalAI Daily are not investment advice. Investors should do their own due diligence before making any decisions involving securities, cryptocurrencies, or digital assets. Your transfers and trades are at your own risk, and any losses you may incur are your responsibility. CapitalAI Daily does not recommend the buying or selling of any assets, nor is CapitalAI Daily an investment advisor. See our Editorial Standards and Terms of Use.