Storm-1575Storm-1575

Also known as: Storm-1575

Known aliases
1

Profile

Storm-1575 is a threat actor identified by Microsoft as being involved in phishing campaigns using the Dadsec platform. They utilize hundreds of Domain Generated Algorithm domains to host credential harvesting pages and target global organizations to steal Microsoft 365 credentials.

Aliases· 1

Storm-1575

References

  1. https://www.bridewell.com/insights/blogs/detail/analysing-widespread-microsoft365-credential-harvesting-campaign
  2. https://twitter.com/MsftSecIntel/status/1712936244987019704?lang=en

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Storm-0324
Actor
Storm-1674
Actor
Storm-1175
Actor
Storm-1295
Actor
TA575
Actor
Storm-1286
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.