Microsoft has disrupted the Fox Tempest cybercrime service that has been helping threat actors distribute ransomware and other malware.

The downstream impact of that service’s operations “has resulted in attacks against a broad range of industry sectors” in the U.S. and other nations, the company said.

Microsoft estimates that Fox Tempest generated more than 1,000 certificates and operated hundreds of Azure tenants and subscriptions.

Microsoft has disrupted the Fox Tempest cybercrime service that has been helping threat actors distribute ransomware and other malware.

Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company's Artifact Signing service to generate fraudulent code-signing…

'Thousands' of US victims, including 12+ machines owned and operated by Redmond

Microsoft disrupted Fox Tempest’s MSaaS using 72-hour certificates, cutting signed malware delivery worldwide.

The service let malware authors sign malicious files with fraudulent Microsoft-issued certificates to bypass security checks.

Takedown Microsoft Fox Tempest ha smantellato un servizio che emetteva certificati fraudolenti, bloccando malware e infrastrutture criminali.