London | In a decisive escalation against organised digital crime, Microsoft has launched coordinated legal and enforcement action across the United States and the United Kingdom to dismantle the operations of RedVDS, a subscription-based digital platform the company says formed a critical backbone for large-scale, AI-assisted online fraud.
The move marks a strategic shift by Microsoft—from defending networks against individual cyberattacks to directly targeting the commercial infrastructure that enables modern cybercrime. According to the company, platforms operating under the “cybercrime-as-a-service” model have become central enablers of global fraud, offering inexpensive, ready-to-use digital resources that allow criminals to scale operations across borders with speed and anonymity.
Certified Cyber Crime Investigator Course Launched by Centre for Police Technology
RedVDS, Microsoft said, provided disposable virtual machines for as little as ₹2,000 a month, allowing fraudsters to launch campaigns from multiple jurisdictions, obscure digital footprints and abandon systems quickly after executing scams. Such infrastructure, the company noted, significantly complicates detection, attribution and prosecution by law-enforcement agencies.
Microsoft described the action as one of its most comprehensive efforts yet to undermine the economic foundations of cybercrime, rather than merely responding to isolated incidents.
Central role in payment diversion fraud
Microsoft’s investigation found that RedVDS infrastructure was used predominantly for payment diversion fraud, a sophisticated form of business email compromise. In these schemes, attackers infiltrate legitimate email conversations and redirect payments by impersonating trusted vendors, senior executives or long-standing business partners.
Two affected organisations have joined Microsoft as co-plaintiffs in the legal proceedings. An Alabama-based pharmaceutical company reported losses exceeding ₹60 crore, while a Florida condominium association was defrauded of nearly ₹4 crore in resident funds. Microsoft said real estate transactions and corporate payment workflows have emerged as particularly attractive targets due to the large ticket sizes and time-sensitive nature of payments.
Based on its analysis, Microsoft estimates that cybercrime linked to RedVDS infrastructure has resulted in nearly ₹330 crore in fraud-related losses in the United States alone since March 2025.
AI tools amplify scale and credibility of scams
A key concern highlighted by Microsoft is the rapid convergence of low-cost computing infrastructure with widely available generative AI tools. The company said cybercriminals are increasingly pairing services like RedVDS with AI-driven systems to identify high-value targets, draft convincing fraudulent emails and generate realistic audio and video content.
Microsoft’s Digital Crimes Unit documented hundreds of incidents involving voice cloning, face-swapping and manipulated video, techniques that were once expensive and technically complex but are now accessible to a far broader pool of criminals. This sharp reduction in cost and complexity, the company said, has lowered barriers to entry for sophisticated fraud and dramatically expanded the potential scale of cyber-enabled crime.
The combination of inexpensive infrastructure and AI-generated deception has accelerated the speed, reach and financial impact of fraud worldwide, Microsoft warned.
Servers seized, payment channels disrupted
As part of the coordinated action, authorities in Germany seized a key server believed to be central to RedVDS operations. Microsoft said it is working closely with Europol’s European Cybercrime Centre and law-enforcement agencies across multiple jurisdictions to dismantle the platform’s server infrastructure and disrupt associated payment networks.
The effort also includes tracing financial flows linked to the service, monitoring channels used to monetise criminal activity, and identifying customer accounts allegedly connected to illicit operations.
RedVDS did not respond to requests for comment.
Targeting the commercial backbone of cybercrime
Microsoft executives said the action reflects a broader, long-term strategy to weaken the business model that allows cybercrime to function as an organised service economy. Platforms such as RedVDS, the company argued, have quietly become the operational backbone of modern online fraud by offering low-cost access to powerful computing resources, often running unlicensed or loosely regulated software.
By reducing costs and enabling anonymity, such services allow criminals to operate globally with minimal risk, transforming cybercrime into a profitable, repeatable enterprise rather than isolated criminal acts.
Microsoft indicated that similar legal and technical actions are being prepared against other platforms operating under the cybercrime-as-a-service model.
Rising global cybersecurity risks
The RedVDS case underscores the growing challenge facing businesses, regulators and technology firms as cybercrime evolves into a structured, service-based global economy. With AI tools becoming easier to deploy and infrastructure costs continuing to fall, cybersecurity experts warn that financial fraud risks for enterprises, banks and the real estate sector will intensify unless enforcement efforts keep pace.
Microsoft said it will continue expanding partnerships with international law-enforcement agencies and industry stakeholders to disrupt the infrastructure, financial incentives and operational capabilities that sustain cybercrime networks.
About the author — Suvedita Nath is a science student with a growing interest in cybercrime and digital safety. She writes on online activity, cyber threats, and technology-driven risks. Her work focuses on clarity, accuracy, and public awareness.
