Security News > 2024 > May > Microsoft spots gift card thieves using cyber-espionage tactics
Microsoft has published a "Cyber Signals" report sharing new information about the hacking group Storm-0539 and a sharp rise in gift card theft as we approach the Memorial Day holiday in the United States.
The FBI previously warned about Storm-0539's activities earlier this month, highlighting the threat group's advanced techniques in conducting gift card theft and fraud, stating that their tactics resemble state-sponsored hackers and sophisticated cyberespionage actors.
In the newly released Cyber Signals report, Microsoft corroborates that the threat actors target organizations that issue gift cards rather than end users, while also revealing large-scale abuse of cloud service providers for low-cost operations.
Storm-0539 is a Moroccan financially motivated threat group active since 2021, primarily focusing on gift card and payment card fraud.
"Typically, organizations set a limit on the cash value that can be issued to an individual gift card. For example, if that limit is $100,000, the threat actor will issue a card for $99,000 then send themselves the gift card code and monetize them," explains Microsoft's Cyber Signals report.
Microsoft suggests that gift card issuing portal operators constantly monitor for anomalies and implement conditional access policies that would prevent a single, potentially hijacked account from generating an unusually large number of cards.