Multiple Domains Used by Vietnamese Cybercrime Group Seized by Microsoft | Strategic Revenue

REDMOND, WA – Multiple domains utilized by a Vietnamese cybercrime group known as “Storm-1152” to sell fraudulent Outlook email accounts have been seized by Microsoft’s Digital Crimes Unit. The domains have been used to cause millions of dollars in damage.

Storm-1152 had reportedly used these domains to register over 750 million fake Outlook accounts that they then would sell online to cybercriminals. In addition, the outlaw group also provided numerous other illegal services to the internet’s dark underbelly, such as an automatic CAPTCHA-solving service that would allow users to register yet additional dummy Microsoft email accounts by allowing them to bypass the tech giant’s CAPTCHA challenges.

Amy Hogan-Burney, the General Manager of Microsoft’s Digital Crimes Unit, said that Storm-1152 has created an entire online underworld where they ply their trade to help facilitate a number of digital crimes that have harmed countless innocent people.

Storm-1152 runs illicit websites and social media pages, selling fraudulent Microsoft accounts and tools to bypass identity verification software across well-known technology platforms. These services reduce the time and effort needed for criminals to conduct a host of criminal and abusive behaviors online,” she said. “Since at least 2021, the Defendants have been engaged in a scheme to obtain millions of Microsoft Outlook email accounts in the names of fictitious users based on a series of false representations, and then sell these fraudulent accounts to malicious actors for use in various types of cybercrime.”

The fraudulent Outlook accounts sold by Storm-1152 to vast numbers of bad actors on the internet have been utilized for crimes ranging from installing ransomware, data theft, and extortion.

Storm-1152’s U.S.-based infrastructure was seized by Microsoft on December 7 and numerous websites connected to the group were closed via a court order from the District Attorney of the Southern District of New York. Among the sites seized included Hotmailbox.me – used for selling fake Outlook accounts – and 1stCAPTCHA, AnyCAPTCHA, and NoneCAPTCHA, websites that sold identity verification bypass tools that allowed users to overcome CAPTCHA solving services.

Earlier @Microsoft disrupted one of the largest alleged cybercrime-as-a-service businesses: Storm-1152. The ACTIR Unit is proud to have assisted Microsoft. Details here: https://t.co/1oVISIBCQl #cybersecurity #BotManagement #Storm1152 @PatriceBoffa @AshishJa1n @kgosschalk pic.twitter.com/GdDYgN9r8R
— Arkose Labs (@ArkoseLabs) December 14, 2023

In addition, social media sites utilized by Storm-1152 to promote and market these services were closed down as well, and the individuals who were purportedly hosting the Vietnamese cybercriminal group’s operation on the seized domains – Duong Dinh Tu, Linh Van Nguyen (a/k/a Nguyen Van Linh), and Tai Van Nguyen – are being directly sued by Microsoft for their alleged involvement.

John Colascione

About The Author: John Colascione is Chief Executive Officer of Internet Marketing Services Inc. He specializes in Website Monetization, is a Google AdWords Certified Professional, authored a ‘how to’ book called ”Mastering Your Website‘, and is a key player in several Internet related businesses through his search engine strategy brand Searchen Networks®

The Evolving Landscape of Search, SEO, AI and the Role of Domains

Near Identical Domain Used To Scam Over $800,000 With Wire For Real Estate Deal

Leave a Reply Cancel reply