Microsoft Takes Legal Action to Crack Down on Storm-1152’s Cybercrime Network

December 14, 2023 at 01:12AM

Microsoft obtained a court order to seize infrastructure set up by cybercriminal group Storm-1152, which sold approximately 750 million fraudulent Microsoft accounts and tools to other criminal actors, netting millions of dollars. This cybercrime-as-a-service operation facilitated mass phishing, identity theft, DDoS attacks, ransomware, and fraud. The group was attributed to specific websites and individuals based in Vietnam.

Key takeaways:
– Microsoft obtained a court order to seize infrastructure set up by a group called Storm-1152, which was involved in peddling roughly 750 million fraudulent Microsoft accounts and tools through a network of bogus websites and social media pages.
– The fraudulent online accounts were used in cybercrime activities such as mass phishing, identity theft, fraud, and distributed denial-of-service (DDoS) attacks.
– These cybercrime-as-a-service (CaaS) offerings were designed to get around identity verification software across various technology platforms and help minimize the efforts needed to conduct malicious activities online, effectively lowering the barriers to entry for attackers.
– Multiple threat actors, including Octo Tempest (aka Scattered Spider), used accounts from Storm-1152 to carry out ransomware, data theft, and extortion schemes.
– The group had been active since at least 2021 and was attributed to various websites, pages, and services, including fraudulent Microsoft Outlook accounts, machine learning-based CAPTCHA solving services, and social media pages for advertising the services.
– Microsoft was able to identify three individuals based in Vietnam who were instrumental in developing and maintaining the infrastructure: Duong Dinh Tu, Linh Van Nguyễn (also known as Nguyễn Van Linh), and Tai Van Nguyen.
– The group not only sold its technology, but also performed fake account registration attacks, sold the fake accounts to other cybercriminals, and cashed out with cryptocurrency.
