How Did Hackers Breach Microsoft’s Security, Create Millions of Fake Accounts?

This file photo from April 12, 2016, shows the Microsoft logo in Issy-les-Moulineaux, outside Paris, France. (AP Photo/Michel Euler, File)

The trustworthiness of the online authentication systems used to verify whether the user is human is currently under scrutiny. Microsoft recently uncovered a group of cyber criminals in a major development that exposed the widely-used authentication technique known as “Captcha”.

Microsoft uncovered a group of hackers, "Storm-1152", that sold 750 million fake Microsoft accounts that enable cyber criminals to execute their online attacks.

- The beginning

Storm-1152 is a group of cyber hackers that operates from Vietnam. It managed to overcome all the authentication terms required to create a Microsoft account.

The group initially targets the Captcha technique, a widely-used window that asks a user to type a series of letters or numbers, or click on parts of a picture depicting buses or stairs, to verify that they are human, not robots.

But this authentication method is becoming less efficient, as Storm-1152 found a way to deceive it and create millions of fake accounts.

The hackers used “machine learning” to train their special hacking tool to click in the right place on the verification pictures, explained François Deruty, expert at a cybersecurity firm, Sekoia.

Then, the Storm-1152 hackers sold these fake accounts on a website for actors planning attacks, such as phishing emails and ransomware, according to Deruty.

- Famous group

The Vietnamese group is well-known. While other countries like China, Iran, Russia and North Korea make headlines in most news about cyberattacks, Vietnam, like India and Türkiye, has many hacking groups that make progress every year, added Deruty.

Microsoft has blocked a part of its websites on US territory following a federal ruling that approved the closure of the servers that the group breached. “They definitely have other websites somewhere else and an international collaboration is needed to shut them down,” the expert noted.

- Defenses against techniques used by cybercriminals

There are novel techniques such as multifactor authentication, which uses codes sent via SMS, for example, but it’s a matter of time before the hackers figure out its vulnerabilities.

Other methods include security keys provided by banks for better security, but expanding these novel methods requires more time and money, while Microsoft still keeps the old versions of its different programs.



Impostor Uses AI to Impersonate Rubio and Contact Foreign and US Officials

Secretary of State Marco Rubio attends a signing ceremony for a peace agreement between Rwanda and the Democratic Republic of the Congo at the State Department, June 27, 2025, in Washington. (AP Photo/Mark Schiefelbein, File)

The State Department is warning US diplomats of attempts to impersonate Secretary of State Marco Rubio and possibly other officials using technology driven by artificial intelligence, according to two senior officials and a cable sent last week to all embassies and consulates.

The warning came after the department discovered that an impostor posing as Rubio had attempted to reach out to at least three foreign ministers, a US senator and a governor, according to the July 3 cable, which was first reported by The Washington Post.

The recipients of the scam messages, which were sent by text, Signal and voice mail, were not identified in the cable, a copy of which was shared with The Associated Press.

“The State Department is aware of this incident and is currently investigating the matter,” it said. “The department takes seriously its responsibility to safeguard its information and continuously takes steps to improve the department’s cybersecurity posture to prevent future incidents.”

It declined to comment further due to “security reasons” and the ongoing investigation.

One of the officials said the hoaxes had been unsuccessful and “not very sophisticated.” Nonetheless, the second official said the department deemed it “prudent” to advise all employees and foreign governments, particularly as efforts by foreign actors to compromise information security increase.

The officials were not authorized to discuss the matter publicly and spoke on condition of anonymity.

“There is no direct cyber threat to the department from this campaign, but information shared with a third party could be exposed if targeted individuals are compromised,” the cable said.

The FBI warned in a public service announcement this past spring of a “malicious text and voice messaging campaign” in which unidentified “malicious actors” have been impersonating senior US government officials.

The scheme, according to the FBI, has relied on text messages and AI-generated voice messages that purport to come from a senior US official and that aim to dupe other government officials as well as the victim’s associates and contacts.

Rubio is the second high-level Trump administration official to face such AI-driven impersonation.

The government was investigating after elected officials, business executives and other prominent figures received messages from someone impersonating President Donald Trump’s chief of staff, Susie Wiles. Text messages and phone calls went out from someone who seemed to have gained access to the contacts in Wiles’ personal cellphone, The Wall Street Journal reported in May.

Some of those who received calls heard a voice that sounded like Wiles, which may have been generated by artificial intelligence, according to the newspaper. The messages and calls were not coming from Wiles’ number, the report said.