Microsoft’s Digital Crimes Unit has taken action against the Vietnamese-based cybercrime group Storm-1152, which was involved in the sale of fraudulent Outlook accounts. The group, known for its cybercrime-as-a-service activities, registered over 750 million fraudulent accounts and generated millions of dollars by selling them online. Storm-1152 operated illicit websites and social media pages, offering not only fraudulent Outlook accounts but also tools to bypass identity verification software, including an automatic CAPTCHA-solving service to overcome Microsoft’s challenges. Microsoft, through its legal efforts and the seizure of domains, aims to disrupt the broader cybercriminal ecosystem by targeting tools used in cyberattacks.
Storm-1152’s fraudulent accounts were purchased and used by various cybercrime groups engaged in ransomware attacks, data theft, and extortion. Microsoft’s legal complaint highlights the group’s involvement in schemes to obtain millions of Microsoft Outlook email accounts through false representations and then selling these accounts to other malicious actors. The resulting service disruptions caused by the use of Storm-1152’s accounts led to damages estimated to be in the hundreds of millions of dollars. The company seized Storm-1152’s U.S.-based infrastructure and took down multiple websites, including Hotmailbox.me, a platform selling fraudulent Outlook accounts, and sites facilitating CAPTCHA-solving services.
The legal action also involves a lawsuit against individuals allegedly involved in hosting the cybercriminal operation. The defendants, Duong Dinh Tu, Linh Van Nguyen, and Tai Van Nguyen, were implicated in managing and developing the code for the seized websites. They also provided video guides on using fraudulent Outlook accounts and offered chat support for customers of their illicit services. Microsoft’s strategy of disrupting the cybercriminal ecosystem aligns with its broader efforts to combat malware and nation-state operations through legal means. The recent action underscores the company’s commitment to tackling cybercrime and protecting users from fraudulent activities in the digital space.
