REDMOND, WA – Multiple domains utilized by a Vietnamese cybercrime group known as “Storm-1152” to sell fraudulent Outlook email accounts have been seized by Microsoft’s Digital Crimes Unit. The domains have been used to cause millions of dollars in damage.
Storm-1152 had reportedly used these domains to register over 750 million fake Outlook accounts that they then would sell online to cybercriminals. In addition, the outlaw group also provided numerous other illegal services to the internet’s dark underbelly, such as an automatic CAPTCHA-solving service that would allow users to register yet additional dummy Microsoft email accounts by allowing them to bypass the tech giant’s CAPTCHA challenges.
Amy Hogan-Burney, the General Manager of Microsoft’s Digital Crimes Unit, said that Storm-1152 has created an entire online underworld where they ply their trade to help facilitate a number of digital crimes that have harmed countless innocent people.
Storm-1152 runs illicit websites and social media pages, selling fraudulent Microsoft accounts and tools to bypass identity verification software across well-known technology platforms. These services reduce the time and effort needed for criminals to conduct a host of criminal and abusive behaviors online,” she said. “Since at least 2021, the Defendants have been engaged in a scheme to obtain millions of Microsoft Outlook email accounts in the names of fictitious users based on a series of false representations, and then sell these fraudulent accounts to malicious actors for use in various types of cybercrime.”
The fraudulent Outlook accounts sold by Storm-1152 to vast numbers of bad actors on the internet have been utilized for crimes ranging from installing ransomware, data theft, and extortion.
Storm-1152’s U.S.-based infrastructure was seized by Microsoft on December 7 and numerous websites connected to the group were closed via a court order from the District Attorney of the Southern District of New York. Among the sites seized included Hotmailbox.me – used for selling fake Outlook accounts – and 1stCAPTCHA, AnyCAPTCHA, and NoneCAPTCHA, websites that sold identity verification bypass tools that allowed users to overcome CAPTCHA solving services.
In addition, social media sites utilized by Storm-1152 to promote and market these services were closed down as well, and the individuals who were purportedly hosting the Vietnamese cybercriminal group’s operation on the seized domains – Duong Dinh Tu, Linh Van Nguyen (a/k/a Nguyen Van Linh), and Tai Van Nguyen – are being directly sued by Microsoft for their alleged involvement.
About The Author: John Colascione is Chief Executive Officer of Internet Marketing Services Inc. He specializes in Website Monetization, is a Google AdWords Certified Professional, authored a ‘how to’ book called ”Mastering Your Website‘, and is a key player in several Internet related businesses through his search engine strategy brand Searchen Networks®