Memorial Day Alert: Microsoft’s Latest Cyber Signals Report Exposes Rising Gift Card Theft

• Microsoft’s report shows a 30% increase in Storm-0539 activity before Memorial Day and a 60% rise during fall and winter holidays.
• Experts highlight Storm-0539’s advanced methods, which use legitimate technologies to breach networks, steal credentials, and create unauthorized gift cards.

Microsoft has published a “Cyber Signals” report sharing new information about the hacking group Storm-0539 and a sharp rise in gift card theft as the Memorial Day holiday in the United States approaches. This report deepens concerns about cybersecurity vulnerabilities, highlighting the need for increased awareness against growing cyber threats.

The threat intelligence report reveals the strategies used by threat actor group Storm-0539, also identified as Atlas Lion. Their activity has increased, especially during US holidays such as Memorial Day, Labor Day, Thanksgiving, Black Friday, and Christmas. Ahead of Memorial Day, Microsoft noted a 30% increase in activity from Storm-0539 between March and May 2024. Additionally, between September and December 2023, there was a 60% increase in attacks, aligning with the fall and winter holiday seasons.

See more: Microsoft Sends Out Warning about Growing Threat of Gift Card Fraud

Jared Sladich, cyber threat intelligence engineering manager at Cofense, highlights the sophisticated nature of Storm-0539’s operations. “What is novel about Storm-0539 is the level of operational sophistication indicative of a planned and coordinated effort, meaning that the threat actors are not just simply firing away single-staged attacks. There is a programmatic understanding of how companies may issue gift cards, and the attackers use this as a vector to breach trusted networks. Additionally, they are utilizing legitimate and expected technology/applications to establish footholds within the networks(s), pilfer credentials, and assumedly steal critical data.

The methods implemented here are not unique or new. But, they are being successfully used in concert, showing more sophistication than most phishing activities we have seen in the past. This follows the current trend that we are seeing with threat actors developing and implementing more sensical approaches not only in their techniques and methods but also in their content and messaging. This is undoubtedly augmented by the availability of more advanced tools. But, it’s important to remember that, at their core, most cyberattacks use a series of very simple techniques, including social engineering and the abuse of legitimate technologies.”

Moreover, Roger Grimes, data-driven defense evangelist at KnowBe4, warns against underestimating the seriousness of the situation. Roger highlights, “It’s important that readers don’t see this as yet another “scammers are going to use gift cards” warning. This is far more sophisticated. This is sophisticated hackers breaking into organizations known for gift cards to create and cash out new unauthorized but otherwise legitimate gift cards. The gift card companies are the target. But, with the access these hackers are getting, I would also worry about their ability to send malicious gift card emails and SMS text messages to potential victims. Because the hacker has an authorized account within the legitimate organization, the “gift card” email would arrive from the legitimate organization and its domain. I haven’t read about this yet, but I’m sure it happens or could easily happen. There are two lessons: first, gift card companies are specifically targeted because gift cards are essentially cash. Second, any unexpected email or text message arriving with a gift card offer could arrive from a compromised gift card company and domain, so always treat gift card emails with extra caution.”

These expert opinions emphasize how urgently businesses must strengthen their security postures and stay alert against evolving cyber threats. By adopting proactive defense strategies and robust security protocols, organizations can reduce the risk posed by cybercriminals like Storm-0539 and safeguard against the growing threat of fraudulent gift cards.

MORE NEWS ON MICROSOFT

• Microsoft’s New ‘Recall’ AI in Windows 11 Tracks Every Action on Your PC
• Leading AI Tools and Search Engines Go Down Due to Microsoft Outage
• Azure and Microsoft Exchange Servers Victim To Active Exploitation by Hackers
• Microsoft Build Day 1: It’s All About AI
• OpenAI Faces New Threat as Microsoft Plans Collaboration With Databricks