Home Innovation Cyber Security Microsoft takes action against...
Cyber Security
Business Fortune
15 December, 2023
With its move against Storm-1152, a group that provides a "cybercrime-as-a-service" network, Microsoft has taken a significant step in the fight against cybercrime.
In order to break up Storm-1152's network, the company has taken aggressive legal action. It has taken down important websites, seized US-based infrastructure, and conducted thorough investigations to find the people behind the group's operations.
In a blog post, Amy Hogan-Burney, general manager and associate general counsel for cybersecurity policy and protection at Microsoft, claimed that Storm-1152 operates illegitimate websites and social media pages, offering tools to get around identity verification software on popular tech platforms and phony Microsoft accounts. She went on to say that these services cut down on the time and energy that criminals require to engage in a variety of abusive and illegal activities online.
Storm-1152 has distinguished itself as a particularly serious danger by producing over 750 million phony Microsoft accounts for sale. They give cybercriminals simple access to fictitious accounts, in contrast to other groups. Because of this ease, thieves can focus on more lucrative endeavors like ransomware, spamming, phishing, and other frauds and abuses.
Microsoft's activities are in accordance with a recent Southern District of New York court decision that gives the corporation permission to confiscate Storm-1152's US-based websites and infrastructure. The actions included taking control of Hotmailbox.me, interfering with 1stCAPTCHA, AnyCAPTCHA, and NoneCAPTCHA services, and focusing on the social media sites that promoted these services.
According to Microsoft Threat Intelligence, multiple groups are utilizing the fictitious accounts of Storm-1152 to commit ransomware and other online crimes. Notably, these accounts were used for international financial extortion by the group Octo Tempest. Microsoft is also keeping an eye on other groups that have used Storm-1152's services to launch more potent assaults, such as Storm-0252 and Storm-0455.