Microsoft Takes Action To Stop Sales Of Fake Accounts

Uploaded on 2023-12-19 in FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-IT & Telecoms

Microsoft has recently taken action to shut down a prolific Vietnam-based criminal group it describes as the number one seller and creator of fake accounts. Storm-1152 runs illicit websites and social media pages that sell hacking tools including those aimed at identity verification software.

Microsoft announced it has obtained a court order from the Federal court for the Southern District of New York to seize infrastructure set up by Storm-1152.

This criminal group worked on roughly 750 million fraudulent Microsoft accounts and tools through a network of bogus websites and social media pages to other criminal actors, netting the operators $millions in illicit revenue.

Now, Microsoft has taken down websites and other online assets used by the Storm-1152 cyber crime group, which the company said is the “number one seller and creator of fraudulent Microsoft accounts.”

“Storm-1152 runs illicit websites and social media pages, selling fraudulent Microsoft accounts and tools to bypass identity verification software across well-known technology platforms... These services reduce the time and effort needed for criminals to conduct a host of criminal and abusive behaviors online,” Microsoft said.

“With companies able to quickly identify and shut down fraudulent accounts, criminals require a greater quantity of accounts to circumvent mitigation efforts... Instead of spending time trying to create thousands of fraudulent accounts, cyber criminals can simply purchase them from Storm-1152 and other groups,” Microsoft said.

"Fraudulent online accounts act as the gateway to a host of cybercrime, including mass phishing, identity theft and fraud, and distributed DDoS attacks," , said Amy Hogan-Burney,Microsoft's associate general counsel for cyber security policy & protection.  

Such cybercrime-as-a-service (CaaS) offerings are designed to circumvent identity verification software across various technology platforms and help minimise the efforts needed to conduct malicious activities online, including phishing, spamming, ransomware, and fraud, effectively lowering the barriers to entry for attackers.

Microsoft collaborated with Arkose Labs on the initiative, which enabled them to identify three individuals based in Vietnam who were instrumental in developing and maintaining the infrastructure

Microsoft:    ArkoseLabs:  ArkoseLabs:    Hacker News:   Security Week:    Infosecurity Magazine:    MeriTalk: 

Image: Unsplash

You Might Also Read: 

EvilProxy Hits Microsoft 365 Business Accounts:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Britain Removes Chinese Components From The National Grid
Joint Opposition To Online Threats From North Korea »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

InnoSec

InnoSec

InnoSec is a software manufacturer of cyber risk management technology.

Paygilant

Paygilant

Paygilant’s disruptive technology is designed to protect mobile payment  financial transactions against fraudulent attacks, whether executed by NFC, QR code, P2P or in-app.

CIRISK

CIRISK

CIRISK offers a wide range of services from consulting to audit or project management to help you develop your cyber security or information security strategy.

Dice

Dice

Dice is a leading recruitment platform, helping technology professionals manage their careers and employers connect with highly skilled tech talent in specialist areas including cybersecurity.

Fastcomcorp

Fastcomcorp

Fastcomcorp offers a world-class proactive cyber security defense and risk management consulting. Including Darkweb monitoring and posture assessments.

Barikat Cyber Security

Barikat Cyber Security

Barikat is a provider of information security solution and services including security analysis and compliance, security testing, managed security services, incident response and training.

ISMAC

ISMAC

ISMAC was founded to create a security solution that would work for smaller to medium as well as bigger corporations at an affordable price.

Prime Technology Services

Prime Technology Services

Prime Tech are a group of Red Hat, Microsoft & Cisco Certified IT Professionals with an impressive track record of consistently delivering value to our corporate clients.

Campus cyber

Campus cyber

A project initiated by the President of the Republic, the Cyber Campus is the totem site of cybersecurity that brings together the main national and international players in the field.

Galvanick

Galvanick

Galvanick enables your operations and IT teams to protect your industrial systems and networks against digital threats.

CaseMatrix

CaseMatrix

Discover a new era of legal intelligence with CaseMatrix. We identify potential class action cases arising from cyber incidents and data breaches.

Securin

Securin

Securin offers a comprehensive portfolio of solutions including Attack Surface Management, Vulnerability Intelligence, Penetration Testing, and Vulnerability Management.

CyberCure

CyberCure

CyberCure provide specialised roles and services to manage your organisations cybersecurity requirements and professional advisory services in governance, risk and compliance.

Interlock

Interlock

Interlock are building blockchain-based security products that solve legacy web2 security issues - phishing and social engineering.

NetAlly

NetAlly

NetAlly network test solutions help engineers and technicians better deploy, manage, maintain, and secure today’s complex wired and wireless networks.

Aprio

Aprio

Aprio is a premier business advisory and accounting firm. We deliver advisory, tax, managed, and private client services to build value, drive growth, manage risk, and protect wealth.