Moroccan cybercrime group impersonates nonprofits and abuses cloud services to rake in gift card cash
摩洛哥網(wǎng)絡(luò)犯罪組織冒充非營利組織并濫用云服務(wù)來騙取禮品卡現(xiàn)金
A highly successful, financially motivated crime group has been impersonating nonprofit organizations to obtain reduced rates or even free access to cloud accounts, which it then uses to operate an increasing number of gift card theft scams targeting top U.S. retailers, researchers with Microsoft said Thursday.
微軟研究人員周四表示,一個(gè)非常成功的、出于經(jīng)濟(jì)動(dòng)機(jī)的犯罪團(tuán)伙一直冒充非營利組織,以獲取更低的費(fèi)率,甚至免費(fèi)訪問云帳戶,然后利用這些帳戶來實(shí)施越來越多針對(duì)美國頂級(jí)零售商的禮品卡盜竊騙局。
The researchers said activity tied to the group, tracked by Microsoft as Storm-0539 or Atlas Lion and active since late 2021, has increased 30% between since March, following a 60% increase in intrusion activity between September and December of 2023, according to research compiled by Microsoft and set to be presented at the annual Sleuthcon cybercrime conference Friday.
研究人員表示,與該組織相關(guān)的活動(dòng)(被微軟追蹤為 Storm-0539 或 Atlas Lion,自2021年底以來一直活躍)的數(shù)據(jù)顯示,自3月份以來,該組織的入侵活動(dòng)增加了30%,而2023年9月至12月期間的入侵活動(dòng)增加了 60%。微軟編制的研究報(bào)告將于周五在年度 Sleuthcon 網(wǎng)絡(luò)犯罪會(huì)議上公布。
The group specializes in targeting major retailers, mostly in the United States, by focusing on key employees or offices within those companies that control payment and gift card operations. After successfully phishing those employees, the attackers gain the ability to navigate intricate cloud environments, as well as specific company procedures, to maximize the amount of money that can be stolen via fraudulently issued payment or gift cards.
該組織專門針對(duì)主要零售商(主要在美國),重點(diǎn)關(guān)注那些控制支付和禮品卡業(yè)務(wù)的公司內(nèi)的關(guān)鍵員工或辦公室。成功對(duì)這些員工進(jìn)行網(wǎng)絡(luò)釣魚后,攻擊者能夠?yàn)g覽復(fù)雜的云環(huán)境以及特定的公司程序,以最大限度地通過欺詐性發(fā)放的支付或禮品卡竊取資金。