Microsoft Takes Action To Stop Sales Of Fake Accounts

Uploaded on 2023-12-19 in FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-IT & Telecoms

Microsoft has recently taken action to shut down a prolific Vietnam-based criminal group it describes as the number one seller and creator of fake accounts. Storm-1152 runs illicit websites and social media pages that sell hacking tools including those aimed at identity verification software.

Microsoft announced it has obtained a court order from the Federal court for the Southern District of New York to seize infrastructure set up by Storm-1152.

This criminal group worked on roughly 750 million fraudulent Microsoft accounts and tools through a network of bogus websites and social media pages to other criminal actors, netting the operators $millions in illicit revenue.

Now, Microsoft has taken down websites and other online assets used by the Storm-1152 cyber crime group, which the company said is the “number one seller and creator of fraudulent Microsoft accounts.”

“Storm-1152 runs illicit websites and social media pages, selling fraudulent Microsoft accounts and tools to bypass identity verification software across well-known technology platforms... These services reduce the time and effort needed for criminals to conduct a host of criminal and abusive behaviors online,” Microsoft said.

“With companies able to quickly identify and shut down fraudulent accounts, criminals require a greater quantity of accounts to circumvent mitigation efforts... Instead of spending time trying to create thousands of fraudulent accounts, cyber criminals can simply purchase them from Storm-1152 and other groups,” Microsoft said.

"Fraudulent online accounts act as the gateway to a host of cybercrime, including mass phishing, identity theft and fraud, and distributed DDoS attacks," , said Amy Hogan-Burney,Microsoft's associate general counsel for cyber security policy & protection.  

Such cybercrime-as-a-service (CaaS) offerings are designed to circumvent identity verification software across various technology platforms and help minimise the efforts needed to conduct malicious activities online, including phishing, spamming, ransomware, and fraud, effectively lowering the barriers to entry for attackers.

Microsoft collaborated with Arkose Labs on the initiative, which enabled them to identify three individuals based in Vietnam who were instrumental in developing and maintaining the infrastructure

Microsoft:    ArkoseLabs:  ArkoseLabs:    Hacker News:   Security Week:    Infosecurity Magazine:    MeriTalk: 

Image: Unsplash

You Might Also Read: 

EvilProxy Hits Microsoft 365 Business Accounts:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Britain Removes Chinese Components From The National Grid
Joint Opposition To Online Threats From North Korea »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Blueliv

Blueliv

Blueliv is a leading provider of targeted cyber threat information and intelligence. We deliver automated and actionable threat intelligence to protect the enterprise and manage your digital risk.

Charlton Networks

Charlton Networks

Charlton Networks provide a complete range of IT infrastructure, network and security solutions aimed at SME companies.

Secure Innovations

Secure Innovations

Secure Innovations is a cybersecurity firm dedicated to providing top-tier cyber security solutions for the Defense and the Intelligence Community.

Golden Frog

Golden Frog

Golden Frog is a Virtual Private Network services provider offering secure encrypted access to the internet.

Penacity

Penacity

Penacity, LLC provides strategic consulting technology services and Information Security Services to commercial and government organizations.

Swarmnetics

Swarmnetics

Swarmnetics helps customers discover hard-to-find software vulnerabilities by hacking your system before the bad guys do.

Option3

Option3

Option3 (formerly Option3Ventures - O3V) primarily seek control investments in the growing cybersecurity mid-market, seeking to build champions with the scale to bring cutting-edge products to market.

Area 1 Security

Area 1 Security

Area 1 is the only Pay-per-Phish solution in cyber security. And the only technology that blocks phishing attacks before they damage your business.

Secuvant

Secuvant

Secuvant is an independent IT Security firm providing enterprise-grade IT security services to mid-market organizations.

Etonwood

Etonwood

Etonwood specialises in infrastructure and vendor technology recruitment in areas including cloud platforms, cyber security and service management.

Bloc Ventures

Bloc Ventures

Bloc Ventures is an investment company providing long-term, ‘patient’ equity capital to early stage unquoted deep technology companies.

NAK Consulting Services

NAK Consulting Services

NAK is helping organisations to create Secure, Agile IT Environments. Our goal is to be the trusted advisor and managed service partner for our clients.

Birch Cline Cybersecurity

Birch Cline Cybersecurity

Birch Cline specializes in helping Local Government and Education agencies, as well as mid-market organizations, build and maintain successful cybersecurity programs.

Avalor

Avalor

Avalor are on a mission to help security teams make faster, more accurate decisions by making sense of their data. With Avalor you can bring in data from anywhere, normalize it and analyze it.

Denodo

Denodo

Denodo transforms the way organizations operate by unifying their data assets in real time and making data ubiquitous and secure to all users and business applications.

AuditBoard

AuditBoard

AuditBoard is the leading cloud-based platform transforming audit, risk, ESG, and InfoSec management.