Microsoft recently seized a number of malicious websites and infrastructure used to trade fraudulent Outlook accounts. The Vietnamese cybercriminals of Storm-1152 were selling the accounts.
The Vietnamese cybercriminals of Storm-1152 had registered about 750 fraudulent Outlook accounts. By reselling these to other cybercriminals, they earned millions of dollars. Other financially motivated hacker groups such as Storm-0252, Storm-0455 and Octo Tempest would use Storm-1152’s malicious Outlook accounts for their own cybercrime activities.
In addition to trading these fraudulent Outlook accounts, Storm-1152 also earned money by selling other illegal tools, such as software that automatically resolves CAPTCHAs. This allows Microsoft’s CAPTCHA security to be bypassed to create even more fraudulent Microsoft email accounts.
Seizure of malicious domains
Microsoft’s special Digital Crimes Unit, therefore, recently seized several Web site domains that facilitate these malicious accounts. Web pages which are now no longer accessible include Hotmailbox.me, the 1stCAPTCHA, AnyCAPTCHA and NoneCAPTCHA websites and social media sites that marketed the services of those websites.
Lawsuit against cyber criminals
In addition, three Vietnamese who were part of the hacker group were dragged before a U.S. court. These individuals are accused of conducting a cybercrime operation through the seized domains. They are also accused of developing the code, managing the websites in question, publishing video tutorials for using fraudulent Outlook accounts and providing chat support to “customers” of their malicious services.
According to Microsoft, the action against traffickers in fraudulent Outlook accounts is part of a broader strategy to target the criminal cybercrime ecosystem and the tools they use in their attacks.
Also read: Octo Tempest: Microsoft warns of aggressive hacker gang
23 hours ago
