Aug 25, 2022

Microsoft shuts down over 1,400 email accounts and 531,000 URLs used by ransomware gang that collected stolen customer credentials

Posted by in categories: business, cybercrime/malcode, evolution

Microsoft has shut down more than 1,400 malicious email accounts used by cybercriminals to collect stolen customer passwords via ransomware in the past year. The technology company has presented the second edition of ‘Cyber Signals’, a report that it produces periodically on cyber threats and that shows trends in security and cybercrime. In this issue, it offers insight into the evolution of extortion in cybercrime.

In this analysis, the company highlights that the specialization and consolidation of cybercrime have driven ransomware as a service (RaaS), which has become a dominant business model. RaaS programs, such as Conti or REvil, offer cybercriminals the opportunity to buy access to both ransomware payloads, leaked data and payment infrastructure.

These are used by different malicious actors, among which are the so-called access ‘brokers’, who sell the possibility of accessing the networks. In this way, those cybercriminals who do not have the necessary knowledge to execute the attacks can pay for these techniques and use them.

Comments are closed.