Microsoft’s Digital Crimes Unit dismantled the infrastructure for the Amadey and StealC malware tools in a single coordinated action. The company used its internal Copilot AI to analyze data and establish that these previously separate threats shared the same infrastructure.
This AI-driven insight enabled Microsoft to classify both operations as a single criminal conspiracy in a civil lawsuit. Microsoft conducted the joint operation alongside Europol and various industry partners to target the cybercrime assembly line.
Amadey functions as a botnet that delivers secondary malware, while StealC harvests passwords and sensitive user data. The simultaneous disruption aims to make launching these cyberattacks more difficult and less profitable.