The trustworthiness of the online authentication systems used to verify whether the user is human is currently under scrutiny. Microsoft recently uncovered a group of cyber criminals in a major development that exposed the widely-used authentication technique known as “Captcha”.
Microsoft uncovered a group of hackers, "Storm-1152", that sold 750 million fake Microsoft accounts that enable cyber criminals to execute their online attacks.
- The beginning
Storm-1152 is a group of cyber hackers that operates from Vietnam. It managed to overcome all the authentication terms required to create a Microsoft account.
The group initially targets the Captcha technique, a widely-used window that requests a user to type a series of letters or numbers, or click on parts of a picture depicting buses of stairs, to verify that they are human, not robots.
But this authentication method is becoming less efficient, as Storm-1152 found a way to deceive it and create millions of fake accounts.
The hackers used “machine learning” to train their special hacking tool on clicking in the right place on the verification pictures, explained François Deruty, expert at a cybersecurity firm, Sekoia.
Then, the Storm-1152 hackers sold these fake accounts on a website for actors planning attacks, such as phishing emails and ransomware, according to Deruty.
- Famous group
The Vietnamese group is well-known. While other countries like China, Iran, Russia and North Korea make headlines in most cybersecurity attacks news, Vietnam, like India and Türkiye, has many hacking groups that make progress every year, added Deruty.
Microsoft has blocked a part of its websites on the US territories following a federal ruling that approved the closure of the servers that the group breached. “They definitely have other websites somewhere else and an international collaboration is needed to shut them down,” the expert noted.
Defenses against techniques used by cybercriminals
There are novel techniques such as the multifactor authentication, which uses codes sent via SMSs for example, but it’s a matter of time before the hackers figure out its vulnerabilities.
Other methods include security keys provided by banks for better security, but expanding these novel methods require more time and money, while Microsoft still keeps the old versions of its different programs.
