How Microsoft's cybercrime unit has evolved to combat increased threats

Governments and the tech industry around the world have been scrambling in recent years to curb the rise of online scamming and cybercrime.
Even with progress on digital defenses, enforcement, and deterrence, the ransomware attacks, business email compromises, and malware infections keep on coming.
Over the past decade, Microsoft's Digital Crimes Unit has forged its own strategies, both technical and legal, to investigate scams, take down criminal infrastructure, and block malicious traffic.
The DCU is fueled, of course, by Microsoft's massive scale and the visibility across the Internet that comes from the reach of Windows.
DCU team members repeatedly told WIRED that their work is motivated by very personal goals of protecting victims rather than a broad policy agenda or corporate mandate.
In just its latest action, the DCU announced Wednesday evening efforts to disrupt a cybercrime group that Microsoft calls Storm-1152.
A middleman in the criminal ecosystem, Storm-1152 sells software services and tools like identity verification bypass mechanisms to other cybercriminals.
The group has grown into the number one creator and vendor of fake Microsoft accounts, creating roughly 750 million scam accounts that the actor has sold for millions of dollars.
The DCU used legal techniques it has honed over many years related to protecting intellectual property to move against Storm-1152.
The team obtained a court order from the Southern District of New York on December 7 to seize some of the criminal group's digital infrastructure in the US and take down websites including the services 1stCAPTCHA, AnyCAPTCHA, and NoneCAPTCHA, as well as a site that sold fake Outlook accounts called Hotmailbox.
The DCU's hybrid technical and legal approach to chipping away at cybercrime is still unusual, but as the cybercriminal ecosystem has evolved, alongside its overlaps with state-backed hacking campaigns, the idea of employing creative legal strategies in cyberspace has become more mainstream.
In recent years, for example, Meta-owned WhatsApp and Apple both took on the notorious spyware maker NSO Group with lawsuits.
Still, the DCU's particular progression was the result of Microsoft's unique dominance during the rise of the consumer Internet.
As the group's mission came into focus while dealing with threats from the late 2000s and early 2010s, like the widespread Conficker worm, the DCU's unorthodox and aggressive approach drew criticism at times for its fallout and potential impacts on legitimate businesses and websites.
Richard Boscovich, the DCU's assistant general counsel and a former assistant US attorney in Florida's Southern District, told WIRED in 2014 that it was frustrating for people within Microsoft to see malware like Conficker rampage across the web and feel like the company could improve the defenses of its products, but not do anything to directly deal with the actors behind the crimes.
That dilemma spurred the DCU's innovations and continues to do so.
In the mid-2000s, Krumm says, Brad Smith, now Microsoft's vice chair and president, was a driving force in turning the company's attention toward the threat of email spam.


This Cyber News was published on packetstormsecurity.com. Publication date: Mon, 18 Dec 2023 15:13:18 +0000

