pds-it
['Blog post','no']
Microsoft Technology
Blog

Storm-1152: Microsoft and Arkose Labs take action against hacker group

Contents

    The hacker group Storm-1152 creates and sells fraudulent Microsoft software. Naturally, the technology giant does not like this at all. Microsoft is working with Arkose Labs to combat fraudulent software and cybercrime with a new security initiative.

    Storm-1152 and the fraud with counterfeit software

    It should be clear that Microsoft is anything but thrilled when copies of its software are sold. In addition to the monetary loss, counterfeiting also harbors another danger: hackers generally have an easy game when they get their hands on illegal software.

    Mass phishing, identity theft and DDoS attacks are the most common offenses in connection with counterfeit software. It is not uncommon for the software to already be designed to tap into users' data or take over their accounts.

    The hacker group Storm-1152 has been known to Microsoft for some time and is a thorn in its side. That is why the company has teamed up with Arkose Labs, one of the leading providers of cyber security solutions, to jointly combat Storm-1152.

    What was previously known was that Storm-1152 sells fake identity verification software in the name of Microsoft and is therefore very successful. The hacker group is said to have sold almost 750 million fraudulent software copies.

    While Storm-1152 is responsible for development and distribution, so to speak, the buyers of the illegal software are no less criminal. Customers include other well-known hacker groups such as Storm-0252, known for call center fraud, Storm-0455, which specializes primarily in malware in banking systems, and Octo Tempest, also known as Scattered Spider.

    The successful attack on Storm-1152

    In 2023, Microsoft and Arkose Labs went on the offensive against Storm-1152 and were successful. In December, Microsoft obtained a court order to shut down several illegal websites and social media accounts operated by the hacker group and used to reproduce the fraudulent software.

    Furthermore, some of the names behind the criminal organization have even been discovered. The special thing about the hacker group is that its activities are more or less public. While most hacker groups tend to keep a low profile on the dark web, the brains behind Storm-1152 even posted instructional videos on their YouTube channels on how to use their illegal software correctly.

    As Kevin Gosschalk, founder and CEO of Arkose Labs, explains: "Storm-1152 stands out because it built its cybercrime-as-a-service business in broad daylight, not on the dark web. Storm-1152 acted like a typical Internet company, offering training for its tools and even providing comprehensive customer support. In doing so, Storm-1152 was an open gateway for serious fraud."

    The strike against Storm-1152 is a great success. However, Microsoft and Arkose Labs realistically assume that the illegal software will continue to be distributed with modifications. The war against cybercrime is hard to win, but an important battle was decided in December 2023 in favor of the right side.

    Using Microsoft software securely with skill it

    Learn in our training Microsoft Security, Compliance, and Identity Fundamentals to learn the basics for the secure use of Microsoft software and cloud applications. Do you want to develop and implement cyber security strategies yourself? Then our four-day training Microsoft Cybersecurity Architect is the right one for you. With practical exercises, you will learn how to set up and evaluate different strategies to create a secure digital environment.

    Author
    Kia Figge
    As the founder of Textflamme, Kia has been writing for companies from all industries for over 10 years. She has written texts for countless websites and blogs and feels at home in the field of information technology.