TechDogs-"How Is Microsoft’s Latest Cyber Security Move Benefitting Its Users?"

Cyber Security

How Is Microsoft’s Latest Cyber Security Move Benefitting Its Users?

By TechDogs Bureau

TD NewsDesk

Updated on Mon, Dec 18, 2023

Overall Rating
In an era where people rely on computers, mobile devices and connectivity to the internet for personal, professional and recreational purposes, cyber security cannot be ignored.

Especially considering the rise in ransomware attacks in the last few years, with a report from Chainalysis, a cryptocurrency tracing firm, finding that ransomware victims ended up coughing up almost $500 million in the first 6 months alone!

Add to this other cybercrime such as malware, data theft, Business Email Compromises (BEC), fraud, identity theft and other means of extortion that are on the rise. Add to this the capabilities of generative artificial intelligence (GenAI) and the landscape of cyber-attacks gets much worse.

Of course, numerous companies are looking to remediate or even prevent such issues entirely.

One such company is Microsoft, who recently announced a victorious moment against a major cybercrime group. So, what did they do and how does it help consumers? Let’s explore!
 

What Did Microsoft Announce?

 
  • Microsoft announced they were going after the “number one seller and creator of fraudulent Microsoft accounts,” a group known as Storm-1152.

  • The cybercrime group Storm-1152 runs illicit websites and social media pages to sell fraudulent Microsoft accounts and tools to bypass identity verification software. Essentially, this helps reduce the effort and time needed for criminals to conduct criminal activity.

  • Reportedly, Storm-1152 has made around 750 million fraudulent Microsoft accounts available for sale and earned millions from it.

  • Microsoft seized some of the group’s digital infrastructure, including a website that sold fake Outlook accounts, CAPTCHA bypassing services and the social media sites actively used to market these services.

  • The idea behind the move was to send a strong message to those creating, selling or distributing fraudulent Microsoft products.

  • Microsoft took the help of “valuable threat intelligence insights” from Arkose Labs, a leading cybersecurity defense and bot management vendor.

  • Furthermore, Microsoft Threat Intelligence found multiple groups using Storm-1152 accounts, including Octo Tempest (AKA Scattered Spider) and continues to track other threat actors who acquired accounts from the cyber group.
   

How Did Microsoft Tackle Storm-1152?

 
  • Microsoft went the legal way by obtaining a court order from the Southern District of New York on December 7, 2023, which allowed them to seize US-based infrastructure and take offline websites used by Storm-1152.

  • Along with aiming to safeguard Microsoft customers from the harmful effects of the group, the move also helped other technology platforms by taking down tools used to bypass their security measures.

  • Carried out by Microsoft’s Digital Crimes Unit (DCU), the move disrupted Hotmailbox.me, which sold fraudulent Microsoft Outlook accounts, 1stCAPTCHA, AnyCAPTCHA and NoneCAPTCHA, websites that “facilitate the tooling, infrastructure, and selling of the CAPTCHA solve service to bypass the confirmation of use and account setup by a real person and identity verification bypass tools for other technology platforms.”

   

What Did The Experts Say?

 
  • Speaking about the cybercrime group, Kevin Gosschalk, Founder and CEO of Arkose Labs, said, “Storm-1152 is a formidable foe established with the sole purpose of making money by empowering adversaries to commit complex attacks. The group is distinguished by the fact that it built its CaaS business in the light of day versus on the dark web.”

  • [Contd.] “Storm-1152 operated as a typical internet going-concern, providing training for its tools and even offering full customer support. In reality, Storm-1152 was an unlocked gateway to serious fraud.”

  • Speaking on the growth of Microsoft’s Digital Crimes Unit (DCU) Peter Anaman, a DCU principal investigator, said, “Things have become a lot more complex … Traditionally you would find one or two people working together. Now, when you’re looking at an attack, there are multiple players. But if we can break it down and understand the different layers that are involved it will help us be more impactful.”


Can other businesses emulate Microsoft’s approach to modern cyber threats? What other measures can users, businesses and cyber security companies take to tackle the rise of cyber-attacks?

Let us know in the comments below!

First published on Mon, Dec 18, 2023

Enjoyed what you've read so far? Great news - there's more to explore!

Stay up to date with the latest news, a vast collection of tech articles including introductory guides, product reviews, trends and more, thought-provoking interviews, hottest AI blogs and entertaining tech memes.

Plus, get access to branded insights such as informative white papers, intriguing case studies, in-depth reports, enlightening videos and exciting events and webinars from industry-leading global brands.

Dive into TechDogs' treasure trove today and Know Your World of technology!

Disclaimer - Reference to any specific product, software or entity does not constitute an endorsement or recommendation by TechDogs nor should any data or content published be relied upon. The views expressed by TechDogs' members and guests are their own and their appearance on our site does not imply an endorsement of them or any entity they represent. Views and opinions expressed by TechDogs' Authors are those of the Authors and do not necessarily reflect the view of TechDogs or any of its officials. All information / content found on TechDogs' site may not necessarily be reviewed by individuals with the expertise to validate its completeness, accuracy and reliability.

Join The Discussion

- Promoted By TechDogs -

Code Climate Achieves Centralized Observability And Enhances Application Performance With Vector

Join Our Newsletter

Get weekly news, engaging articles, and career tips-all free!

By subscribing to our newsletter, you're cool with our terms and conditions and agree to our Privacy Policy.

  • Dark
  • Light