Security News > 2023 > December > Microsoft seizes websites used to sell phony email accounts to Scattered Spider and other crims

Microsoft has taken down US-based infrastructure and websites used by a cybercrime group to sell fraudulent online accounts to other crooks including Scattered Spider, the infamous social-engineering and extortion crew that hacked two Las Vegas casinos over the summer.

The gang, Storm-1152, is the "Number one seller and creator of fraudulent Microsoft accounts" and has listed for sale 750 million of these, according to Amy Hogan-Burney, Microsoft's associate general counsel for cybersecurity policy and protection.

This, in turn, has earned Storm-1152 "Millions of dollars" in ill-gotten gains, while costing Microsoft customers even more money.

Microsoft obtained a court order on December 7 to seize US-based infrastructure and remove websites used by the gang after convincing a judge that these sites represented unauthorized use of Microsoft trademarks and pose ongoing harm to Redmond, its customers and the general public.

Me, which sold fraudulent Microsoft Outlook accounts; 1stCAPTCHA, AnyCAPTCHA, and NoneCAPTCHA, which sold CAPTCHA-solving tokens for use across various platforms; and social media sites used to advertise these illegal services.

Scattered Spider is one of Storm-1152's clients that used these phony Microsoft Outlook email accounts in other types of cybercrime.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/12/14/microsoft_seizes_storm_1152_websites/