Microsoft has taken down US-based infrastructure and websites used by a cybercrime group to sell fraudulent online accounts to other crooks including Scattered Spider, the infamous social-engineering and extortion crew that hacked two Las Vegas casinos over the summer.
Microsoft obtained a court order on December 7 to seize US-based infrastructure and remove websites used by the gang after convincing a judge that these sites represented unauthorized use of Microsoft trademarks and posed ongoing harm to Redmond, its customers and the general public.
Specifically, the seized websites include: Hotmailbox.me, which sold fraudulent Microsoft Outlook accounts; 1stCAPTCHA, AnyCAPTCHA, and NoneCAPTCHA, which sold CAPTCHA-solving tokens for use across various platforms; and social media sites used to advertise these illegal services.
They didn't just victimize Microsoft; they also injured other tech companies including Google and X/Twitter by selling CAPTCHA-defeating bots, the court documents alleged.
Scattered Spider is one of Storm-1152's clients that used these phony Microsoft Outlook email accounts in other types of cybercrime.
While the court documents don't name the customers, in early September this crime gang broke into the networks of Caesars Entertainment and MGM Resorts and demanded ransoms from both hotel and casino giants.
MGM did not pay a ransom but has said the nearly week-long system outages and disrupted operations resulting from the digital intrusion cost it about $100 million.
This Cyber News was published on go.theregister.com. Publication date: Thu, 14 Dec 2023 22:28:06 +0000