Key points:
- Microsoft has seized control of 1,152 websites linked to cyber-criminal enterprise Storm-1152, which is reputed as the top seller of fake Microsoft accounts and products.
- In tandem with Arkose Labs, Microsoft is combating cybercrime and taking steps to shut down operations contributing to fraud, spam, and security breaches.
In an important cybersecurity development, Microsoft — working closely with their partner Arkose Labs — seized 1,152 websites controlled by cyber-criminal enterprise Storm-1152. This notorious outfit is well-known for its illegal sale of fake Microsoft products and accounts, which aids hackers in malicious activities including spamming, phishing, and ransomware.
Storm-1152 has engineered more than 750 million fraudulent accounts, generating millions in profits while inflicting considerable financial losses on Microsoft and others as they combat this form of cybercrime. These criminals supply bulk counterfeit accounts to other cybercriminals, who easily bypass the hassles of creating fake accounts themselves.
Furthermore, Microsoft’s Threat Intelligence has connected Storm-1152 accounts to other malicious groups that amplify their global extortion campaigns. On December 7, 2023, Microsoft obtained a court order to terminate the US infrastructure of Storm-1152, causing the shutdown of websites that were compromising the security of Microsoft’s users.
This crackdown extends beyond Microsoft products, affecting other tech platforms as well. Microsoft’s Digital Crimes Unit has also disrupted operations of entities like Hotmailbox[.]me, 1stCAPTCHA, AnyCAPTCHA, and NoneCAPTCHA. Moreover, Microsoft and Arkose Labs are working together on next-gen CAPTCHA solutions to bolster digital security.
The duplicitous activities of Storm-1152 caused harm to both Microsoft and Arkose Labs. Proceedings indicate that such malicious actions often culminate in money laundering activities. The group sources its operations from Vietnam, where online tutorials were detected teaching viewers how to bypass security measures.
To clamp down on such cyber malicious activities, Microsoft uses legally sanctioned practices and continues to work with industry partners to improve AI and machine learning methodologies to counteract these threats. However, it is recognized that as Storm-1152 has been stopped, other cyber threats will adapt, pointing to the necessity of continuing teamwork within the tech industry to combat cybercrime.