Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks

Published: 3 weeks ago (May 20, 2026 at 10:36 AM EDT)

1 min read

Source: The Hacker News

Microsoft disrupts malware‑signing‑as‑service operation

Microsoft on Tuesday said it disrupted a malware‑signing‑as‑a‑service (MSaaS) operation that weaponized the company’s Artifact Signing system to deliver malicious code and conduct ransomware and other attacks, compromising thousands of machines and networks across the world.

The tech giant attributed the activity to a threat actor it calls Fox Tempest, which it said offered the MSaaS scheme.

Back to Blog

Cybercrime service disrupted for abusing Microsoft platform to sign malware

markdown !https://www.bleepstatic.com/content/hl-images/2024/01/26/microsoft-red-header.jpg Microsoft says it has disrupted a malware‑signing‑as‑a‑service MSaaS...

Law enforcement shuts down VPN service used by two dozen ransomware gangs

Operation Overview An international coalition of law‑enforcement agencies announced Thursday that they took down a popular virtual private network VPN service...

Scam alert: An official Microsoft email is being used for phishing links

If you've ever received an email from email protected you’ll know that this is an official Microsoft address. However, users should be aware that messages comin...

Scammers are abusing an internal Microsoft account to send spam links

For months, scammers have been taking advantage of a loophole that lets them send spammy emails from an internal Microsoft address typically used for legitimate...

Microsoft disrupts malware‑signing‑as‑service operation

Related posts

Cybercrime service disrupted for abusing Microsoft platform to sign malware

Law enforcement shuts down VPN service used by two dozen ransomware gangs

Scam alert: An official Microsoft email is being used for phishing links

Scammers are abusing an internal Microsoft account to send spam links