Cybersecurity

Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks

Ilian Ivanov Cybersecurity 19 December 2025

fwsjsth

Authorities in Nigeria have announced the arrest of three "high-profile internet fraud suspects" who are alleged to have been involved in phishing attacks targeting major corporations, including the main developer behind the RaccoonO365 phishing-as-a-service (PhaaS) scheme.

The Nigeria Police Force National Cybercrime Centre (NPF–NCCC) said investigations conducted in collaboration with Microsoft and the Federal Bureau of Investigation (FBI) led to the identification of Okitipi Samuel, also known as Moses Felix, as the principal suspect and developer of the phishing infrastructure.

"Investigations reveal that he operated a Telegram channel through which phishing links were sold in exchange for cryptocurrency and hosted fraudulent login portals on Cloudflare using stolen or fraudulently obtained email credentials," the NPF said in a post shared on social media.

In addition, laptops, mobile devices, and other digital equipment linked to the operation have been seized following search operations conducted at their residences. The two other arrested individuals have no connection to the creation or operation of the PhaaS service, per the NPF.

China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware

Ilian Ivanov Cybersecurity 18 December 2025

ADGwFBDSFVB

A previously undocumented China-aligned threat cluster dubbed LongNosedGoblin has been attributed to a series of cyber attacks targeting governmental entities in Southeast Asia and Japan.

The end goal of these attacks is cyber espionage, Slovak cybersecurity company ESET said in a report published today. The threat activity cluster has been assessed to be active since at least September 2023.

"LongNosedGoblin uses Group Policy to deploy malware across the compromised network, and cloud services (e.g., Microsoft OneDrive and Google Drive) as command and control (C&C) servers," security researchers Anton Cherepanov and Peter Strýček said.

Group Policy is a mechanism for managing settings and permissions on Windows machines. According to Microsoft, Group Policy can be used to define configurations for groups of users and client computers, as well as manage server computers.