Microsoft Cracks Down Cybercriminal Group ‘Storm-1152’ Selling Fake Microsoft Products
In Brief
Microsoft cracked down cybercriminal group Storm-1152, involved in the creation of over 750 million fraudulent Outlook accounts.
American tech giant Microsoft’s Digital Crimes Unit cracked down on Vietnam-based cybercriminal group Storm-1152, involved in the creation of over 750 million fraudulent Outlook accounts, and earning millions of dollars by selling them to fellow cybercriminals through online channels.
“Storm-1152 runs illicit websites and social media pages, selling fraudulent Microsoft accounts and tools to bypass identity verification software across well-known technology platforms,” said Amy Hogan-Burney, the General Manager of Microsoft’s Digital Crimes Unit in a blog post.
“These services reduce the time and effort needed for criminals to conduct a host of criminal and abusive behaviors online,” he added.
The group use Internet “bots” to hack into and deceive Microsoft’s security systems into believing that they are legitimate human consumers of Microsoft services, open Microsoft Outlook email accounts in the names of fictitious users and sell those fraudulent accounts to cybercriminals for use as tools in perpetrating a wide variety of online crimes, said Microsoft in their complaint to the court.
On December 7, 2023, Microsoft received a court order to seize the U.S. infrastructure of Storm-1152 and shut down the sites harming Microsoft users.
Microsoft Threat Intelligence and Arkose Cyber Threat Intelligence Research unit’ (ACTIR) joint investigation confirmed the identity of the actors leading Storm-1152’s operations – Duong Dinh Tu, Linh Van Nguyễn (also known as Nguyễn Van Linh), and Tai Van Nguyen – based in Vietnam.
It further revealed that these individuals operated and wrote the code for the illicit websites, published detailed step-by-step instructions on how to use their products via video tutorials and provided chat services to assist those using their fraudulent services.
“Storm-1152 is a formidable foe established with the sole purpose of making money by empowering adversaries to commit complex attacks. The group is distinguished by the fact that it built its CaaS business in the light of day versus on the dark web. Storm-1152 operated as a typical internet going-concern, providing training for its tools and even offering full customer support. In reality, Storm-1152 was an unlocked gateway to serious fraud,” said, Kevin Gosschalk, founder and CEO of Arkose Labs.
Increase in Fraudulent Account Demand Among Cybercriminals
Cybercriminals need fraudulent accounts to support their largely automated criminal activities. With companies able to quickly identify and shut down fraudulent accounts, criminals require a greater quantity of accounts to circumvent mitigation efforts.
Instead of spending time trying to create thousands of fraudulent accounts, cybercriminals can simply purchase them from Storm-1152 and other groups.
Additionally, Microsoft Threat Intelligence uncovered various cybercrime groups engaging in ransomware, data theft, and extortion, utilizing accounts from Storm-1152. One such group, Octo Tempest, also known as Scattered Spider, was found to have acquired fraudulent Microsoft accounts through Storm-1152.
Octo Tempest is a financially motivated cybercrime entity employing extensive social engineering campaigns to compromise global organizations for financial extortion purposes.
Microsoft is actively monitoring additional threat actors involved in ransomware and extortion, such as Storm-0252 and Storm-0455, who have similarly procured fraudulent accounts from Storm-1152 for their malicious activities.
Further, the tech giant will be using threat intelligence insights from cybersecurity defense and bot management vendor Arkose Labs, to crack down on cybercriminals.
Microsoft is working with Arkose Labs to deploy a CAPTCHA defense solution. The solution requires every would-be user who wishes to open a Microsoft account to represent that they are a human being (not a bot) and verify the accuracy of that representation by solving various types of challenges.
Disclaimer
In line with the Trust Project guidelines, please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. MetaversePost is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.
About The Author
Kumar is an experienced Tech Journalist with a specialization in the dynamic intersections of AI/ML, marketing technology, and emerging fields such as crypto, blockchain, and NFTs. With over 3 years of experience in the industry, Kumar has established a proven track record in crafting compelling narratives, conducting insightful interviews, and delivering comprehensive insights. Kumar's expertise lies in producing high-impact content, including articles, reports, and research publications for prominent industry platforms. With a unique skill set that combines technical knowledge and storytelling, Kumar excels at communicating complex technological concepts to diverse audiences in a clear and engaging manner.
More articles
Kumar is an experienced Tech Journalist with a specialization in the dynamic intersections of AI/ML, marketing technology, and emerging fields such as crypto, blockchain, and NFTs. With over 3 years of experience in the industry, Kumar has established a proven track record in crafting compelling narratives, conducting insightful interviews, and delivering comprehensive insights. Kumar's expertise lies in producing high-impact content, including articles, reports, and research publications for prominent industry platforms. With a unique skill set that combines technical knowledge and storytelling, Kumar excels at communicating complex technological concepts to diverse audiences in a clear and engaging manner.
