Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations
Published:
14 January 2026 at 15:03:31
Alert date:
14 January 2026 at 17:02:19
Source:
microsoft.com
Cloud & Virtualization, Ransomware & Malware
Microsoft's Digital Crimes Unit investigated and disrupted RedVDS, a virtual desktop service provider that was facilitating worldwide cybercriminal operations. The investigation revealed a global network of disparate cybercriminals who were purchasing and using RedVDS services to target multiple sectors. Microsoft collaborated with law enforcement agencies worldwide to disrupt the RedVDS infrastructure and related criminal operations. This represents a significant takedown of cybercriminal infrastructure that was enabling attacks across various industries globally.
Technical details
Mitigation steps:
Affected products:
RedVDS Virtual Desktop Services
Related links:
https://www.microsoft.com/en-us/security/blog/2026/01/14/inside-redvds-how-a-single-virtual-desktop-provider-fueled-worldwide-cybercriminal-operations/
https://www.microsoft.com/en-us/security/blog
Related CVE's:
Related threat actors:
IOC's:
This article was created with the assistance of AI technology by Perceptive.