BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

Nigeria Arrests Developers Behind RaccoonO365 Phishing Scheme

Three Suspects Arrested in Nigeria for Running RaccoonO365 Phishing Scheme Targeting Microsoft 365 Users Worldwide

  • Three suspects were arrested in Nigeria for running phishing attacks linked to the RaccoonO365 phishing-as-a-service scheme targeting major corporations.
  • The principal suspect, identified as Okitipi Samuel, sold phishing links via Telegram and used stolen email credentials to host fake login portals.
  • RaccoonO365 is a toolkit enabling attackers to steal Microsoft 365 credentials through fake login pages, impacting at least 5,000 users across 94 countries since July 2024.
  • The arrests followed a joint investigation involving Nigeria’s police, Microsoft, and the FBI.
  • Lawsuits are underway against individuals and groups operating similar phishing services that facilitate large-scale cybercrimes.

Authorities in Nigeria have arrested three individuals suspected of involvement in high-profile internet fraud connected to phishing attacks on corporations. The arrests are part of efforts to dismantle the RaccoonO365 phishing-as-a-service (PhaaS) operation, which targets Microsoft 365 users.

- Advertisement -

The Nigeria Police Force National Cybercrime Centre (NPF–NCCC), working with Microsoft and the Federal Bureau of Investigation (FBI), identified Okitipi Samuel, also known as Moses Felix, as the main developer of the phishing tools. According to the NPF, “he operated a Telegram channel through which phishing links were sold in exchange for cryptocurrency and hosted fraudulent login portals on Cloudflare using stolen or fraudulently obtained email credentials.” Following search operations, devices including laptops and mobile phones linked to the scheme were seized. The other two suspects have no involvement in developing or operating the phishing service.

RaccoonO365 is recognized as a financially motivated threat group providing a phishing toolkit to harvest credentials by serving fake Microsoft 365 login pages. Microsoft monitors this group under the name Storm-2246. In September 2025, Microsoft and Cloudflare took down 338 domains tied to RaccoonO365. The phishing infrastructure is reported to have compromised at least 5,000 Microsoft accounts from 94 countries since July 2024.

The NPF reported that the fake portals were designed to steal user login details to illicitly access email platforms used by corporate, financial, and educational organizations. This led to incidents of unauthorized access from phishing messages impersonating legitimate Microsoft authentication pages between January and September 2025. These breaches caused business email compromise, data leaks, and financial losses across multiple regions.

Additionally, a civil lawsuit filed by Microsoft and Health-ISAC in September accused Joshua Ogundipe and others of operating a cybercriminal network that sells and distributes the RaccoonO365 phishing kit. The stolen credentials fuel further cybercrimes such as financial fraud, Ransomware attacks, and intellectual property theft.

- Advertisement -

Separately, Google has filed legal action against operators of another phishing-as-a-service platform named Darcula, led by Chinese national Yucheng Chang and others. This suit seeks court orders to seize the group’s servers after a large-scale smishing campaign. This follows an earlier lawsuit by Google against Hackers linked to the Lighthouse PhaaS, which has affected over 1 million users in 120 countries. Additional information on the Darcula case was reported by NBC News.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

FatFs Flaws Let Malicious Media Hijack Millions of Devices

Seven vulnerabilities (CVE-2026-6682 to CVE-2026- 6688) were found in the widely used FatFs filesystem library,...

Saylor Rage-Quits Channel 4 Over Bitcoin Grilling

Michael Saylor ended a Channel 4 interview by accusing the reporter of being offensive...

Linux ‘Bad Epoll’ Bug Grants Any User Root Access

A critical Linux kernel flaw, Bad Epoll (CVE-2026-46242), allows a standard user to gain...

Crypto Bill Fails to Meet White House July 4 Deadline

The White House will miss its July 4 deadline for passing a cryptocurrency market...

Alphabet Undervalued Despite Record Growth, AI Push

Alphabet (GOOGL) stock is deemed undervalued despite record revenue and strong AI positioning, trading...

Must Read

5 Best Hacking eBooks for Beginners

In this article we present the 5 Best Hacking eBooks for beginners as ranked by our editorial teamWelcome to the world of hacking, where...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading