Microsoft's Digital Crimes Unit seized multiple domains used by a Vietnam-based cybercrime group that registered over 750 million fraudulent accounts and raked in millions of dollars by selling them online to other cybercriminals.
According to Microsoft Threat Intelligence, numerous cybergroups involved in ransomware, data theft, and extortion have bought and used accounts provided by Storm-1152 in their attacks.
Financially-motivated Storm-0252, Storm-0455, and Octo Tempest cybercrime gangs used Storm-1152 fraudulent accounts to infiltrate organizations worldwide and deploy ransomware on their networks.
The resulting service disruptions resulted in damages estimated by Microsoft to be in the hundreds of millions of dollars.
Me, a website selling fraudulent Microsoft Outlook accounts.
1stCAPTCHA, AnyCAPTCHA, and NoneCAPTCHA, websites that facilitate the tooling, infrastructure, and selling of the CAPTCHA solving service to bypass the confirmation of use and account setup by a real person.
These sites sold identity verification bypass tools for other technology platforms.
The social media sites actively used to market these services.
The company also sued Duong Dinh Tu, Linh Van Nguyen, and Tai Van Nguyen for their purported involvement in hosting the cybercriminal operation on the seized domains.
As further alleged in the complaint, the defendants managed and developed the code for the seized websites.
They were also involved in publishing video guides on how to use the fraudulent Outlook accounts and offered chat support to 'customers' using their fraudulent services.
Russian hackers exploiting Outlook bug to hijack Exchange accounts.
Microsoft fixes Outlook zero-day used by Russian hackers since April 2022.
Microsoft: OAuth apps used to automate BEC and cryptomining attacks.
Windows 10 KB5033372 update released with Copilot for everyone, 20 changes.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 13 Dec 2023 23:50:15 +0000