Security News > 2023 > December > Microsoft seizes websites used to sell phony email accounts to Scattered Spider and other crims
Microsoft has taken down US-based infrastructure and websites used by a cybercrime group to sell fraudulent online accounts to other crooks including Scattered Spider, the infamous social-engineering and extortion crew that hacked two Las Vegas casinos over the summer.
The gang, Storm-1152, is the "Number one seller and creator of fraudulent Microsoft accounts" and has listed for sale 750 million of these, according to Amy Hogan-Burney, Microsoft's associate general counsel for cybersecurity policy and protection.
This, in turn, has earned Storm-1152 "Millions of dollars" in ill-gotten gains, while costing Microsoft customers even more money.
Microsoft obtained a court order on December 7 to seize US-based infrastructure and remove websites used by the gang after convincing a judge that these sites represented unauthorized use of Microsoft trademarks and pose ongoing harm to Redmond, its customers and the general public.
Me, which sold fraudulent Microsoft Outlook accounts; 1stCAPTCHA, AnyCAPTCHA, and NoneCAPTCHA, which sold CAPTCHA-solving tokens for use across various platforms; and social media sites used to advertise these illegal services.
Scattered Spider is one of Storm-1152's clients that used these phony Microsoft Outlook email accounts in other types of cybercrime.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/12/14/microsoft_seizes_storm_1152_websites/
Related news
- Microsoft fixes Outlook email sending issue for users with many folders (source)
- Over 5,000 Fake Microsoft Notifications Fueling Email Compromise Campaigns (source)
- Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks (source)
- Microsoft Outlook bug blocks email logins, causes app crashes (source)
- Microsoft Exchange adds warning to emails abusing spoofing flaw (source)
- Microsoft 365 Admin portal abused to send sextortion emails (source)