Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

Microsoft Shuts Down a Criminal Ring Responsible for Creating Over 750 Million Fake Accounts

Microsoft Corp. has shut down a cybercrime group's US-based infrastructure, which created more than 750 million fake accounts across the company's services.
Microsoft carried out the takedown with the support of Arkose Labs Inc., a venture-backed cybersecurity firm.
The latter sells a cloud platform that allows businesses in blocking fraud and hacking efforts aimed at their services.
Storm-1152 is the threat actor that Microsoft has identified.
Several hacking organisations' tactic is to create fake accounts in services like Microsoft Outlook and then use them for phishing or spam campaigns.
Fraudulent accounts can be employed to launch distributed denial-of-service attacks.
Hackers typically do not create such accounts themselves, but rather purchase them from cybercrime-as-a-service outfits such as Storm-1152, the threat actor that Microsoft has disrupted.
It is estimated that the gang created 750 million such accounts and also created fraudulent users on other companies' services.
Storm-1152 sold software for circumventing CAPTCHAs, which are used by many online sites to ensure that a login request comes from a human and not an automated system.
Microsoft believes that several cybercrime groups' hacking efforts were fueled by the fake accounts that Storm-1152 created.
Scattered Spider, the threat actor behind the widely reported attacks against Caesars Entertainment Inc. and MGM Resorts International earlier this year, is believed to be one of those groups.
According to Microsoft's investigation, Storm-1152 earned millions of dollars in illegal money while incurring far larger expenses for the companies who made an effort to thwart it.
Microsoft disrupted the four websites by obtaining a seizure order from a federal court in the Southern District of New York.
As part of its efforts to thwart Storm-1152's operations, Microsoft has also discovered that the group is led by three Vietnamese citizens : Duong Dinh Tu, Linh Van Nguyn, and Tai Van Nguyen.
The company stated that it has reported its findings to law enforcement.

This Cyber News was published on www.cysecurity.news. Publication date: Sun, 17 Dec 2023 15:13:04 +0000

Cyber News related to Microsoft Shuts Down a Criminal Ring Responsible for Creating Over 750 Million Fake Accounts

Warning: Undefined array key "host" in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 364

Warning: Undefined variable $domain_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 466

CVE-2025-38179 - In the Linux kernel, the following vulnerability has been resolved: ...
2 months ago

CVE-2019-10712 - The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access. ...
4 years ago

Microsoft Shuts Down a Criminal Ring Responsible for Creating Over 750 Million Fake Accounts - Microsoft Corp. has shut down a cybercrime group's US-based infrastructure, which created more than 750 million fake accounts across the company's services. Microsoft carried out the takedown with the support of Arkose Labs Inc., a venture-backed ...
1 year ago Cysecurity.news Scattered Spider

Microsoft disrupts credentials marketplace, warns of gift card fraud, OAuth abuse - After a relatively quiet final Patch Tuesday of 2023, Microsoft published warnings this week about the potential for gift card fraud and hackers abusing a popular authentication technology. Alongside the warnings, Microsoft said it recently used a ...
1 year ago Therecord.media

Criminal IP and Quad9 Collaborate to Exchange Domain and IP Threat Intelligence - Criminal IP, a renowned Cyber Threat Intelligence search engine developed by AI SPERA, has recently signed a technology partnership to exchange threat intelligence data based on domains and potentially on the IP address to protect users by blocking ...
1 year ago Hackread.com

Microsoft takes down websites used to create 750 million fraudulent accounts - Microsoft seized certain websites run by a Vietnam-based group that created roughly 750 million fraudulent Microsoft accounts after the software maker received a court order a week ago from the Southern District of New York. Posting to its blog Dec. ...
1 year ago Packetstormsecurity.com

Five best practices for securing Active Directory service accounts - Windows Active Directory (AD) service accounts are prime cyber-attack targets due to their elevated privileges and automated/continuous access to important systems. To support software-specific functions, service accounts require elevated permissions ...
6 months ago Bleepingcomputer.com

CISA Warns of Compromised Microsoft Accounts - CISA issued a fresh CISA emergency directive in early April instructing U.S. federal agencies to mitigate risks stemming from the breach of numerous Microsoft corporate email accounts by the Russian APT29 hacking group. The directive is known as ...
1 year ago Securityboulevard.com APT29

Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
1 year ago Microsoft.com

Ring Will Stop Giving Cops a Free Pass on Warrantless Video Requests - Ring, the Amazon-owned home surveillance company known for its long history of partnering with police, announced today that it plans to shut down a controversial tool that allows law enforcement to ask users to share their footage without first ...
1 year ago Wired.com

Police dismantles investment fraud ring stealing €10 million - “They persuaded their victims to make fake investments through a network of fake advisors and experts, manipulated websites, and telephone call centers,” the police says. In organized operations like the one dismantled by the Spanish ...
2 months ago Bleepingcomputer.com

Fake and Stolen X Gold Accounts Flood Dark Web - A surge of fake or stolen X Gold accounts has been flooding marketplaces and forums both on the surface web and the dark web over the past year, according to CloudSEK. Threat actors have used multiple techniques to forge or steal X Gold accounts ...
1 year ago Infosecurity-magazine.com

Microsoft Targets Threat Group Behind Fake Accounts - Microsoft seized parts of the infrastructure of a prolific Vietnam-based threat group that the IT giant said was responsible for creating as many as 750 million fraudulent Microsoft accounts that were then sold to other bad actors and used to launch ...
1 year ago Securityboulevard.com APT29 Scattered Spider

How Microsoft's cybercrime unit has evolved to combat increased threats - Governments and the tech industry around the world have been scrambling in recent years to curb the rise of online scamming and cybercrime. Even with progress on digital defenses, enforcement, and deterrence, the ransomware attacks, business email ...
1 year ago Packetstormsecurity.com

Millions of Microsoft Accounts Power Lattice of Automated Cyberattacks - Microsoft's Digital Crimes Unit last week disrupted a prolific cybercrime-as-a-service purveyor that it calls Storm-1152, which registered more than 750 million fraudulent Microsoft accounts to sell online to other cybercriminals - raking in millions ...
1 year ago Darkreading.com Scattered Spider

How Kasada Counters Toll Fraud and Fake Account Creation for Enterprises - Toll fraud and fake account creation are two advanced threats that bad actors employ for massive profit. Fake Account Creation is committed by a wide range of attackers, through automating the generation of new user accounts en masse, which then get ...
1 year ago Securityboulevard.com

Microsoft's Digital Crime Unit Goes Deep on How It Disrupts Cybercrime - Governments and the tech industry around the world have been scrambling in recent years to curb the rise of online scamming and cybercrime. Even with progress on digital defenses, enforcement, and deterrence, the ransomware attacks, business email ...
1 year ago Wired.com

Cyber Insights 2023: Criminal Gangs - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. Despite some geopolitical overlaps with state attackers, the majority of ...
2 years ago Securityweek.com

Ring denies breach after users report suspicious logins - However, customers are not buying Ring's explanation, reporting that they saw unknown devices, strange IP addresses, and countries that they never visited listed in their Authorized Client Devices list, so they couldn't be previous logins. Ring is ...
1 month ago Bleepingcomputer.com

Microsoft Disrupts Cybercrime Service That Created 750 Million Fraudulent Accounts - Microsoft on Wednesday announced the disruption of Storm-1152, a cybercrime-as-a-service ecosystem that created 750 million fraudulent Microsoft accounts in support of phishing, identity theft, and other schemes. The CaaS is believed to have made ...
1 year ago Securityweek.com Scattered Spider

Unveiling Storm-1152: A Top Creator of Fake Microsoft Accounts - The Digital Crimes Unit of Microsoft disrupted a major supplier of cybercrime-as-a-service last week, dubbed Storm-1152. The attackers had registered over 750 million fake Microsoft accounts, which they planned to sell online to other cybercriminals, ...
1 year ago Cysecurity.news Scattered Spider

CyberCrime & Doing Time: Classic Baggie: A Delaware BEC Case calls him the leader of an International Criminal Organization - The U.S. Attorney's office in Delaware charged Olugbenga Lawal with being a major money launderer for a Nigerian-based international criminal organization that specialized in Business Email Compromise and Romance Scam. The Defendant's importance in ...
1 year ago Garwarner.blogspot.com

CVE-2020-12506 - Improper Authentication vulnerability in WAGO 750-8XX series with FW version < FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without authentication This issue affects: WAGO 750-362, WAGO ...
3 years ago

CVE-2020-12505 - Improper Authentication vulnerability in WAGO 750-8XX series with FW version < FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO ...
3 years ago

Misconfigured Firebase Instances Expose 125 Million User Records - Hundreds of websites misconfigured Google Firebase, leaking more than 125 million user records, including plaintext passwords, security researchers warn. It all started with the hacking of Chattr, the AI hiring system that serves multiple ...
1 year ago Securityweek.com