LIVE
Robinhood to Launch Crypto Trading in the UKUSDT Becomes Unavailable on Regulated EU Markets as MiCA Deadline HitsBinance and CZ Face £150 Million Lawsuit From UK Crypto InvestorsTaiwan Legislature Passes Crypto Law for Exchanges and Stablecoin IssuersCitigroup Cuts Bitcoin and Ethereum Price Targets on ETF OutflowsTaiwan Legislature Approves Crypto Law Establishing Regulatory FrameworkTrump Reportedly Holds Over $50M in Bitcoin in Cold WalletVisa, Stripe, Coinbase and BlackRock Back Open USD StablecoinSpot Bitcoin ETFs Face Worst Monthly Outflows Since LaunchNasdaq Brings Flagship Equity Data Onchain Via Pyth NetworkRobinhood to Launch Crypto Trading in the UKUSDT Becomes Unavailable on Regulated EU Markets as MiCA Deadline HitsBinance and CZ Face £150 Million Lawsuit From UK Crypto InvestorsTaiwan Legislature Passes Crypto Law for Exchanges and Stablecoin IssuersCitigroup Cuts Bitcoin and Ethereum Price Targets on ETF OutflowsTaiwan Legislature Approves Crypto Law Establishing Regulatory FrameworkTrump Reportedly Holds Over $50M in Bitcoin in Cold WalletVisa, Stripe, Coinbase and BlackRock Back Open USD StablecoinSpot Bitcoin ETFs Face Worst Monthly Outflows Since LaunchNasdaq Brings Flagship Equity Data Onchain Via Pyth Network
Homepage/News/Microsoft Halts 3,000 Accounts Over North Korean Fraud
NEWS

Microsoft Halts 3,000 Accounts Over North Korean Fraud

BY Adriana Mavrenko·2 MIN READ·JULY 4, 2025

Microsoft has suspended 3,000 Outlook and Hotmail accounts linked to North Korean operatives involved in a global fraud scheme, targeting Fortune 500 companies and tech firms. The U.S. Department of Justice participated in enforcement efforts.

KEY FINDINGS - EVIDENCE LEVEL: MULTI-SOURCE
1Key sections mapped in this report
0Internal references connected to related coverage
2External source domains cited in the article
2 minEstimated time to read the full report
Key Points:
  • Microsoft and DOJ target North Korean cyber fraud.
  • 3,000 accounts suspended by Microsoft.
  • Focus on identity fraud and payroll manipulation.
microsoft-halts-3000-accounts-over-north-korean-fraud
Microsoft Halts 3,000 Accounts Over North Korean Fraud

The event highlights the persistent threat of North Korean cyber operations. The focus on identity fraud over digital asset theft marks a shift in tactics. Immediate financial markets remain unaffected.

Microsoft’s Threat Intelligence team, under codename Jasper Sleet, has tracked these North Korean operatives. Their techniques include using AI for identity fraud. The U.S. DOJ seized hardware and closed numerous accounts in coordinated actions.

Enhanced identities created with AI tools were used to apply for jobs at major firms. American accomplices assisted by hosting “laptop farms” and renting identities, with one aiding transactions totaling nearly $1 million.

“The operation primarily exploited traditional employments and payroll systems with indirect mention of financial account seizures.” — Microsoft Threat Intelligence Team, Microsoft

No direct impact on major cryptocurrencies was reported. The focus on payroll fraud suggests a shift from crypto exploits, affecting traditional payment systems. While hundreds of financial accounts were seized, no significant crypto market disruption was noted.

Although the enforcement does not directly affect cryptocurrencies like BTC or ETH, the situation underscores ongoing cyber threats. The use of fabricated identities and AI innovations in fraud remains a focal concern.

Recent actions against North Korean cyber schemes follow past disruptions by U.S. authorities targeting similar activities. The ongoing efforts emphasize cybersecurity’s role in protecting financial systems globally.

Disclaimer:

The content on The CCPress is provided for informational purposes only and should not be considered financial or investment advice. Cryptocurrency investments carry inherent risks. Please consult a qualified financial advisor before making any investment decisions.

SOURCE TRANSPARENCY
  • External Source - Referenced domain: justice.gov
  • External Source - Referenced domain: twitter.com
  • Byline - Reported by Adriana Mavrenko
  • Coverage Desk - Primary editorial category: News
  • Media Asset - Featured image served from the WordPress media library