- Joined
- May 15, 2016
- Messages
- 10,337
- Likes
- 2,620
- Points
- 1,730
750 million accounts contributed to massive online cybercrimes.
Microsoft has announced a major operation against a cybercriminal group known as Storm-1152, responsible for the creation of approximately 750 million fake Microsoft accounts. These accounts and their associated websites have been used for various cybercrimes. This information was published on the company's official website.
The announcement of the group's dismantling came shortly after Microsoft received a New York court order allowing the company to seize the infrastructure and websites used by Storm-1152 located in the United States. Microsoft said that Storm-1152's actions made it much easier for many cybercriminals to carry out malicious activities.
The Storm-1152 group stood out due to its specialization in cybercrime-as-a-service, offering fake Microsoft accounts and CAPTCHA bypass services. According to Microsoft, Storm-1152's activities generated "millions of dollars in illicit proceeds" and cost the company and other victims even more to combat their crimes.
The investigation also identified a number of Vietnamese individuals who played key roles in the development and maintenance of websites associated with Storm-1152's activities. These individuals created training videos and provided live chat support for their products while operating fake Microsoft accounts.
Microsoft researchers also found that several extortion and data theft groups were using Storm-1152 accounts. In particular, Scattered Spider (UNC3944) is mentioned - a group of young hackers known for hacking large companies such as MGM Resorts and Caesars Entertainment.
Microsoft was able to take down hotmailbox[.]me, a website that sold Microsoft accounts from all over the world. A screenshot of the site shows accounts were being sold for fractions of a cent. Moreover, each account was unique and was sold only once.
Microsoft said companies' ability to quickly identify and close fraudulent accounts is forcing criminals to find new ways to bypass security. Purchasing accounts from groups like Storm-1152 allows them to focus their efforts on phishing, spam, extortion and other types of scams.
The operation also disrupted several other services, including 1stCAPTCHA, AnyCAPTCHA, and NoneCAPTCHA. Microsoft collaborated with Arkose Labs to research and take action against the Storm-1152 group.
__________________
What is "Automatic guarantor service"?
Microsoft has announced a major operation against a cybercriminal group known as Storm-1152, responsible for the creation of approximately 750 million fake Microsoft accounts. These accounts and their associated websites have been used for various cybercrimes. This information was published on the company's official website.
The announcement of the group's dismantling came shortly after Microsoft received a New York court order allowing the company to seize the infrastructure and websites used by Storm-1152 located in the United States. Microsoft said that Storm-1152's actions made it much easier for many cybercriminals to carry out malicious activities.
The Storm-1152 group stood out due to its specialization in cybercrime-as-a-service, offering fake Microsoft accounts and CAPTCHA bypass services. According to Microsoft, Storm-1152's activities generated "millions of dollars in illicit proceeds" and cost the company and other victims even more to combat their crimes.
The investigation also identified a number of Vietnamese individuals who played key roles in the development and maintenance of websites associated with Storm-1152's activities. These individuals created training videos and provided live chat support for their products while operating fake Microsoft accounts.
| YouTube channel of a Vietnamese with video instructions on how to bypass security measures |
Microsoft was able to take down hotmailbox[.]me, a website that sold Microsoft accounts from all over the world. A screenshot of the site shows accounts were being sold for fractions of a cent. Moreover, each account was unique and was sold only once.
| Screenshots of Storm-1152 websites |
The operation also disrupted several other services, including 1stCAPTCHA, AnyCAPTCHA, and NoneCAPTCHA. Microsoft collaborated with Arkose Labs to research and take action against the Storm-1152 group.
__________________
What is "Automatic guarantor service"?