Microsoft Suspends RedVDS Cybercrime Virtual Desktop Service Responsible for Millions in Fraud Losses

Microsoft files a coordinated legal action to disrupt RedVDS, a cybercrime service that stole millions from victims.

Microsoft has initiated legal action in the United States and the United Kingdom to disrupt RedVDS, a low-cost membership service that assists cybercriminals carry out profitable scams.

These efforts are part of a larger joint operation with international law enforcement, including German authorities and Europol that has allowed Microsoft and its partners to seize key cruel infrastructure and shut down the RedVDS marketplace, a significant step toward dismantling the networks behind AI-enabled fraud, such as real estate scams.

RedVDS is a criminal marketplace that offers illegal services and software that support and assist criminality. Cybercriminals eagerly take advantage of the marketplace's straightforward and feature-rich user interface for buying cheap, unlicensed Windows-based Remote Desktop Protocol (RDP) servers with complete administrator control and no use restrictions.

RedVDS gives criminals access to disposable virtual computers for as little as $24 a month. This makes fraud cheap, easy to scale, and hard to find. These kinds of services have quietly become a major cause of the rise in cyber-enabled crime, which harms people, businesses, and communities all over the world.

In the United States alone, RedVDS-enabled behavior has caused reported fraud losses of almost US $40 million since March 2025. One of the victims is H2-Pharma, an Alabama-based pharmaceutical business that lost almost $7.3 million in funds that were meant to support children's allergy meds, mental health therapies, and life-saving cancer treatments for patients nationwide.

Another instance, the Gatehouse Dock Condominium Association in Florida was defrauded of around $500,000 that property owners and occupants had donated for necessary renovations. In this legal action, both groups are joining Microsoft as co-plaintiffs.

However, these instances only account for a small portion of the damage. Cybercriminals regularly switch platforms and service providers, victims are worldwide, and fraud and scams often go undetected. Fraud has long-term consequences for the individual that go beyond monetary loss to include relationships, long-term stability, emotional well-being, and health.