Summary: Microsoft has taken control of a domain used by a Vietnamese trio involved in selling fraudulent accounts and CAPTCHA bypass services, disrupting a significant cybercrime operation. This action follows a previous court ruling allowing Microsoft to target additional domains linked to the Storm-1152 threat actor.
Threat Actor: Storm-1152 | Storm-1152
Key Point :
- Microsoft seized the domain rockcaptcha[.]com, which was used to create and distribute fake Microsoft accounts.
- The operation was responsible for generating approximately 750 million fraudulent accounts and provided CAPTCHA bypass services.
- Prior to the disruption, the group was creating around one million new accounts each week.
- The seizure was authorized by a federal judge in the Southern District of New York on July 23.
- Three individuals identified as key operators are Duong Dinh Tu, Linh Van Nguyen, and Tai Van Nguyen.
Original Source: https://landingpage-h0gcc3bvhkd2aaez.z01.azurefd.net/1152/Lyons%20Decl.%20ISO%20Mot.%20for%20Suppl.%20PI.pdf
Cyber Law and Cybercrime Investigation Blog: Immuniweb