Microsoft has successfully taken action against a cybercrime group known as Storm-1152 [2], based in Vietnam [4] [6]. This group was involved in selling fraudulent Microsoft accounts and tools to bypass Captcha software, resulting in millions of dollars in illicit activities [1].
Description
To combat Storm-1152, Microsoft obtained a court order allowing it to seize US-based infrastructure and websites used by the group [3]. With the assistance of cybersecurity company Arkose Labs [6], Microsoft dismantled the group’s infrastructure by seizing four websites involved in selling fraudulent Microsoft Outlook accounts and Captcha-solving services. This takedown not only disrupted Storm-1152’s activities but also impacted the hacking campaigns of other cybercrime groups, including Scattered Spider [5] [6].
Microsoft also identified some of the criminals using Storm-1152 accounts [3], such as the financially motivated cybercrime group Octo Tempest. Storm-1152 earned millions of dollars by selling fake Microsoft accounts and providing support services [3]. Microsoft has submitted a criminal referral to US law enforcement and warns of potential adaptations by other threat actors in response to this takedown [3].
Conclusion
Microsoft’s actions against Storm-1152 are part of their broader strategy to target the cybercriminal ecosystem and enhance fraud detection algorithms. By working with Arkose Labs [4], they aim to deter criminal behavior and increase the cost of cybercriminal attacks [4]. This successful operation highlights the importance of collaboration and serves as a warning to those who harm Microsoft’s customers that they will be brought to justice.
References
[1] https://www.techradar.com/pro/security/microsoft-seizes-criminal-websites-used-to-make-millions-of-fake-windows-accounts
[2] https://www.itpro.com/security/microsoft-just-disrupted-a-cyber-crime-group-behind-750-million-fraudulent-accounts
[3] https://www.forbes.com/sites/emmawoollacott/2023/12/14/microsoft-seizes-websites-that-created-millions-of-fake-accounts/
[4] https://duo.com/decipher/microsoft-cracks-down-on-fraudulent-outlook-account-sales
[5] https://siliconangle.com/2023/12/14/microsoft-disrupts-cybercrime-group-created-750m-fake-accounts/
[6] https://techcrunch.com/2023/12/14/microsoft-disrupts-cybercrime-operation-selling-fraudulent-accounts-to-notorious-hacking-gang/