Microsoft has managed to identify four of the 10 persons believed to be part of Storm-2139: Arian Yadegarnia, aka “Fiz,” of Iran; Alan Krysiak, aka “Drago,” of the United Kingdom; Ricky Yuen, aka “cg-dot,” of Hong Kong; and Phát Phùng Tấn, aka “Asakuri,” of Vietnam. Cg-dot is believed to be one of the two “creators,” while the other three were “providers” in the criminal operation.
The company said it has also identified two members based in the US, in Illinois and Florida, but for now, it’s keeping those identities secret because of ongoing criminal investigations.
Gang members out each other
Microsoft originally announced in January that it was taking legal action against cybercriminals abusing its AI services, and it subsequently managed to seize a website that was critical to the Storm-2139 operation. This seizure and the unsealed legal filings immediately generated chatter on the communication channels used by the gang, with members and users speculating about whose identities might have been exposed. Microsoft lawyers also had their personal information and photographs shared.