logo

Microsoft uses AI to link two malware operations in racketeering suit

ID: 9bf53f0e-a996-57ef-937f-1d5473997038

STIX ID: report--9bf53f0e-a996-57ef-937f-1d5473997038

Feed Name: The Register (Security)

Threat Score
75/100

Date Published: 2026-06-24

Date Updated: 2026-06-25

...
...

Microsoft, with international law enforcement and multiple security vendors, used AI-assisted analysis and RICO-based legal claims to link and disrupt two coordinated malware operations—StealC (an infostealer) and Amadey (a malware-as-a-service loader). The action resulted in suspension or blocking of more than 200 domains/C2 servers, highlighted shared infrastructure enabling joint operation, and followed evidence of wide infection (over 140,000 compromised hosts in a two-week window) and large-scale theft, while also pursuing civil claims against alleged operators.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.