The Digital Crimes Unit of Microsoft disrupted a major supplier of cybercrime-as-a-service last week, dubbed Storm-1152.
The attackers had registered over 750 million fake Microsoft accounts, which they planned to sell online to other cybercriminals, making millions of dollars in the process.
Cybercriminals can employ fraudulent accounts linked to fictitious profiles as a virtually anonymous starting point for automated illegal operations including ransomware, phishing, spamming, and other fraud and abuse.
Storm-1152 is the industry leader in the development of fictitious accounts, offering account services to numerous prominent cyber threat actors.
Microsoft lists Scattered Spider as one of these cybercriminals.
They are the ones responsible for the ransomware attacks on Caesars Entertainment and the MGM Grand this fall).
Storm-1152's ability to circumvent security measures such as CAPTCHAs and construct millions of Microsoft accounts linked to nonexistent people highlights the group's expertise, according to researchers.
Platforms can take a number of precautions to prevent unwittingly aiding cybercrime, the researchers noted.
One such safeguard is the implementation of sophisticated detection algorithms that can recognise and flag suspicious conduct at scale, ideally with the help of AI. Furthermore, putting robust multifactor authentication in place for the creation of accounts-especially those with elevated privileges-can greatly lower the success rate of creating fake accounts.
Ontinue's Jones emphasises that more work needs to be done on a number of fronts.
This Cyber News was published on www.cysecurity.news. Publication date: Wed, 20 Dec 2023 15:43:05 +0000