Uptime Hamster: 3d 11h 11mDeploy: 14 Jul 2026 21:26Updated: 2026-07-16
Logo del actor de amenaza Storm-2246

Storm-2246

0 incidentes 0 paises 0 sectores apt NG Ultimo: -
Ver en IntelTracker → APTTrail →
Storm-2246 is a cybercriminal organization operating the RaccoonO365 Phishing-as-a-Service (PhaaS) platform, which emerged in July 2024 and rapidly became a prominent tool for stealing Microsoft 365 credentials. The group, reportedly led by Joshua Ogundipe of Nigeria, develops, markets, and sells subscription-based phishing kits via Telegram to a customer base exceeding 850 members. These kits enable even cybercriminals with limited technical skills to conduct credential theft by mimicking official Microsoft communications. A distinctive characteristic is their sophisticated use of legitimate services, such as Cloudflare Turnstile CAPTCHA, to imbue phishing pages with an air of authenticity and to evade detection, alongside employing homoglyph domains like 'rnicrosoft.com' to deceive users. The group's primary motivation is financial gain, having accrued at least $100,000 in cryptocurrency payments from their service subscriptions. RaccoonO365 further distinguishes itself through its c

Actores similares

stormousransomware · 177crimson-sandstormactor · 1Storm-1811actor · 1Storm-0501apt · 1Dust Stormapt · 1storm-cloudactor · 1unc1549-crimson-sandstormactor · 1smoke-sandstorm-cuboid-saactor · 1Storm-0324apt · 0Storm-2372apt · 0
Tecnicas MITRE
T1528 - Steal Application Access Token, T1583.001 - Domain Registration, T1567 - Exfiltration Over Web Service, T1583 - Acquire Infrastructure, T1566 - Phishing, T1036 - Masquerading
Tipo
apt
Pais origen
NG
Motivacion
-
Impacto
53
Actualizado
Thu, 23 Oc

Paises objetivo (SOCRadar)

AustraliaNigeriaUnited States

Sectores objetivo (SOCRadar)

Other Information ServicesMonetary Authorities-Central BankSoftware PublishersManufacturingPublic AdministrationAdministrative &Waste Management InsuranceElectrical&Electronical ManufacturingInformation ServicesComputer Design & Services