Microsoft Takes Action To Stop Sales Of Fake Accounts

Uploaded on 2023-12-19 in FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-IT & Telecoms

Microsoft has recently taken action to shut down a prolific Vietnam-based criminal group it describes as the number one seller and creator of fake accounts. Storm-1152 runs illicit websites and social media pages that sell hacking tools including those aimed at identity verification software.

Microsoft announced it has obtained a court order from the Federal court for the Southern District of New York to seize infrastructure set up by Storm-1152.

This criminal group worked on roughly 750 million fraudulent Microsoft accounts and tools through a network of bogus websites and social media pages to other criminal actors, netting the operators $millions in illicit revenue.

Now, Microsoft has taken down websites and other online assets used by the Storm-1152 cyber crime group, which the company said is the “number one seller and creator of fraudulent Microsoft accounts.”

“Storm-1152 runs illicit websites and social media pages, selling fraudulent Microsoft accounts and tools to bypass identity verification software across well-known technology platforms... These services reduce the time and effort needed for criminals to conduct a host of criminal and abusive behaviors online,” Microsoft said.

“With companies able to quickly identify and shut down fraudulent accounts, criminals require a greater quantity of accounts to circumvent mitigation efforts... Instead of spending time trying to create thousands of fraudulent accounts, cyber criminals can simply purchase them from Storm-1152 and other groups,” Microsoft said.

"Fraudulent online accounts act as the gateway to a host of cybercrime, including mass phishing, identity theft and fraud, and distributed DDoS attacks," , said Amy Hogan-Burney,Microsoft's associate general counsel for cyber security policy & protection.  

Such cybercrime-as-a-service (CaaS) offerings are designed to circumvent identity verification software across various technology platforms and help minimise the efforts needed to conduct malicious activities online, including phishing, spamming, ransomware, and fraud, effectively lowering the barriers to entry for attackers.

Microsoft collaborated with Arkose Labs on the initiative, which enabled them to identify three individuals based in Vietnam who were instrumental in developing and maintaining the infrastructure

Microsoft:    ArkoseLabs:  ArkoseLabs:    Hacker News:   Security Week:    Infosecurity Magazine:    MeriTalk: 

Image: Unsplash

You Might Also Read: 

EvilProxy Hits Microsoft 365 Business Accounts:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Britain Removes Chinese Components From The National Grid
Joint Opposition To Online Threats From North Korea »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

evoila

evoila

evoila GmbH is one of the leading providers in consulting, analysis, implementation and management of cloud infrastructure.

Centre for Cyber Security (CFCS) - Denmark

Centre for Cyber Security (CFCS) - Denmark

The Centre for Cyber Security is the Danish national IT security authority, Network Security Service and Centre for Excellence within cyber security.

Copenhagen FinTech

Copenhagen FinTech

Copenhagen FinTech is a centre for R&D and innovation in the Danish finance IT sector. Focus areas include cyber security and payments platforms.

Verint Systems

Verint Systems

Verint is a leader in Actionable Intelligence with a focus on customer engagement optimisation, security intelligence, fraud, risk and compliance.

CommuniTake

CommuniTake

CommuniTake builds security, enablement, and management solutions to provide people and organizations with better, and more secure mobile device use.

Information Technology & Cyber ​​Security Service (STISC) - Moldova

Information Technology & Cyber ​​Security Service (STISC) - Moldova

STISC is a public institution whose purpose is to ensure the administration, maintenance and development of the information technology infrastructure in Moldova.

Mvine

Mvine

Mvine's primary business is authoring and selling Cyber-Secure Platforms for Collaboration Portals and for Identity Management as well as delivering cloud support services.

Rule4

Rule4

Rule4 is a global professional services firm that provides practical, real-world knowledge and solutions in areas including cybersecurity, AI, Machine Learning and industrial control systems.

Netlawgic Legal Services

Netlawgic Legal Services

Netlawgic is exclusively focused on delivering cyber law solutions to the industry. We provide our clients with specialized attention and problem solving in all aspects of cyber law.

Alertot

Alertot

Hackers attack minutes after a new vulnerability is published. Alertot helps to decrease exposure time in organizations by notifying new issues when they are disclosed.

SpecTrust

SpecTrust

SpecTrust provides an all-in-one defense solution for identity abuse & fraud, enabling your company's talent to stay focused on the core business.

Cyber Security Canada

Cyber Security Canada

Cyber Security Canada is an accredited Certification Body for government-backed Cyber Security Certification Programs, designed specifically for small and medium-sized Canadian businesses.

Twingate

Twingate

Twingate help organizations secure and manage access to their technology resources in a world where people work from anywhere.

MicroAge

MicroAge

Powered by five decades of experience, lasting partnerships, client relationships, and the values that guide us daily, MicroAge is here to help you secure, accelerate, and transform your business.

Marcum Technology

Marcum Technology

Marcum Technology consultants are focused on helping you reach your company’s full potential by exploring creative ways to integrate tomorrow’s technology into your business today.

Prikus Tech

Prikus Tech

Prikus is a full-fledged Cyber Security Company helping organizations worldwide to manage cyber risks. We offer Risk & Compliance Services, Security Testing & Managed Security Services.