In an announcement on the company blog on December 13, Microsoft said it had sent a complaint to law enforcement agencies in the US against three individuals including Duong Dinh Tu, Linh Van Nguyen and Tai Van Nguyen. These people were determined to live in Vietnam, behind an organization called Storm-1152.
This organization specializes in providing resources for cyber fraud, including large online accounts from Microsoft’s Hotmail and Outlook services. This group operates a website specializing in selling accounts, several pages selling tools to bypass the Captcha code entry step, and several social media channels to advertise services.
YouTube channel supports using the group’s services. Photo: Microsoft
According to experts, online accounts are important resources in cyber attacks. In large numbers, they can help cybercriminals automate attacks, while also making it challenging for platforms to detect and prevent bad accounts.
“To date, Storm-1152 has created and sold approximately 750 million Microsoft accounts for fraud, bringing the group millions of dollars in illegal revenue,” Microsoft’s announcement read. In addition, the group’s actions also make it difficult and costly for the company and other companies to fight cybercrime.
Thanks to Storm-1152’s service, hacker groups can quickly get thousands of accounts, instead of having to create them themselves. “This allows criminals to focus on their primary goals of phishing, spamming, ransomware, and other forms of fraud and abuse. Organizations like Storm-1152 help cybercriminals carry out their bad behavior more effectively and efficiently,” Microsoft wrote.
According to the investigation, the Storm-1152 accounts provided to hackers were discovered in many data theft and ransomware encryption campaigns by groups such as Octo Tempest and a number of other campaigns since 2021.
The service of the Storm-1152 group is accused by Microsoft of supporting cybercriminals. Photo: Microsoft
After discovery, Microsoft’s cybersecurity experts and a third party, Arkose Labs, performed analysis, trial purchases of services as well as some special techniques to detect the group behind it and the infrastructure. of the group. In addition to the individuals named, the group’s website domain name has now been seized by Microsoft, according to an order from a US court. A YouTube channel specializing in instructions for using the service on YouTube has also been renamed.
Kevin Gosschalk, CEO of Arkose Labs, assesses the danger of Storm-1152 in that they operate like a regular Internet service provider and can be easily searched in both dark and light areas. of the Internet. The group’s services are a gateway to serious cyberattacks.
In addition, this activity also violates Microsoft’s terms of service by selling fraudulent accounts, “pretending” to be normal users to bypass the security measures of online services.
Luu Quy
EN 
VI
Leave a Reply
You must be logged in to post a comment.