Storm-0539 is an unclassified threat actor labeled by Microsoft that has targeted the retail, software, and gaming industries. This talk is an analysis of the Tactics, Techniques and Procedures (TTPs) and objectives the actor carries out on its target. We’ll also delve into their primary motivation, which appears to be retaining legitimate access to the target environment to perpetuate gift card fraud, a fascinating distinction between STORM-0539 and some other financially motivated threat actors. This objective reflects a broader initiative in the threat landscape where the lines between fraud and cyber threats are becoming increasingly blurred–a serious consideration that Target CTI folks, Ryan Miller and Leah Schwartzman spoke to at the CTI Summit last fall.
This session is TLP:RED
