Microsoft clamps down on fake email shops.

December 14, 2023
1 min read
  • Microsoft has moved to take down US-based infrastructure and websites used by cybercrime group Storm-1152 to sell fraudulent online accounts. The group, alleged to be the top creator and seller of phony Microsoft accounts, has reportedly sold over 750 million such accounts, earning them millions of dollars.
  • The digital tech firm has obtained a court order on December 7 to seize infrastructure and websites used by the gang, alleging that these sites represent unauthorized use of Microsoft trademarks and cause ongoing harm to the company, its customers, and the general public.
  • The three leaders of the gang, all based in Vietnam, are reportedly responsible for coding and operating the websites, publishing videos to teach how to use their products, and offering online chat services to aid the “customers” – other criminals who used Storm-1152’s product for phishing and ransomware infections.
  • The criminal crew’s activities have also caused harm to other tech corporations, such as Google and Twitter, by selling bots capable of defeating CAPTCHAs, thus violating security protocols.
  • The websites taken down includes Hotmailbox.me, which sells false Microsoft Outlook accounts and 1stCAPTCHA, AnyCAPTCHA, and NoneCAPTCHA, which offer CAPTCHA-solving tokens for use on multiple platforms. Social media sites used to promote these illegal services were also seized.

This action from Microsoft is in response to the urgent need to address online crime. Their activity has reportedly led to damage inflicted to its clientele, with one of Storm-1152’s clients, Octo Tempest, being accused of carrying out large-scare ransomware assaults on Microsoft customers. This resulted in service disruptions and subsequent damages reputed to be in hundreds of millions of dollars.

As Microsoft awaits the results of this action, it’s clear the company is committed to tackling the issue of online fraud and ensuring safety for its users. This move could potentially inspire other technology companies to take a more aggressive stand against cybercrime, paving the way for safer online spaces.

Latest from Blog

Top VPN’s privacy claims confirmed by independent auditors

TLDR: Independent auditors from Deloitte Romania confirmed CyberGhost VPN’s privacy claims through a detailed audit of their systems. Auditors found that CyberGhost’s no-logs infrastructure works as expected, ensuring user data privacy. Independent