Microsoft disrupts cybercrime service offering malware disguised as legitimate software

The downstream impact of that service’s operations “has resulted in attacks against a broad range of industry sectors” in the U.S. and other nations, the company said.

martedì 19 maggio 2026 New tab

362 words~2 min read

Samuel Boivin/NurPhoto via Getty Images

By

David DiMolfetta,Cybersecurity Reporter, Nextgov/FCW

By

David DiMolfetta

Other newsrooms on this story

· 8 sources

Full timeline →

bleepingcomputer.com·May 19, 2026 · 16 h fa
Cybercrime service disrupted for abusing Microsoft platform to sign malware
axios.com·May 19, 2026 · 23 h fa
Microsoft disrupts service helping ransomware gangs disguise malware
securityweek.com·May 19, 2026 · 22 h fa
Microsoft Disrupts Malware-Signing Service Run by 'Fox Tempest'
theregister.com·May 19, 2026 · 16 h fa
Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware
bleepingcomputer.com·May 19, 2026 · 18 h fa
Microsoft Self-Service Password Reset abused in Azure data theft attacks
forbes.com·May 18, 2026 · 2 g fa
New Mac Password Stealer Impersonates Apple, Google And Microsoft
bleepingcomputer.com·May 14, 2026 · 5 g fa
Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight
bleepingcomputer.com·May 17, 2026 · 2 g fa
Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing

Other newsrooms on this story

· 8 sources

Full timeline →

Related reading

bleepingcomputer.com

Cybercrime service disrupted for abusing Microsoft platform to sign malware

Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company's Artifact Signing…

bleepingcomputer.com16 h fa

axios.com

Microsoft disrupts service helping ransomware gangs disguise malware

Microsoft estimates that Fox Tempest generated more than 1,000 certificates and operated hundreds of Azure tenants and…

axios.com23 h fa

securityweek.com

Microsoft Disrupts Malware-Signing Service Run by 'Fox Tempest'

Microsoft has disrupted the Fox Tempest cybercrime service that has been helping threat actors distribute ransomware and other…

securityweek.com22 h fa

theregister.com

Microsoft shuts down illegal code-signing operation used by ransomware crims to…

'Thousands' of US victims, including 12+ machines owned and operated by Redmond

theregister.com16 h fa

forbes.com

Warning Issued As Hackers Give Microsoft Windows The Finger: Report

Cybercriminals have been exploiting a rarely-used protocol in attacks against Microsoft users. Here’s what you need to know as…

forbes.com6 mesi fa

aljazeera.com

Microsoft accuses Russia’s FSB of using malware against foreign embassies

Microsoft says cyber-espionage campaign ‘poses high risk’ to foreign embassies, diplomats and other groups in Moscow.

aljazeera.com9 mesi fa