About the Arkose Cyber Threat Intelligence Research (ACTIR) Unit

About the Arkose Cyber Threat Intelligence Research (ACTIR) Unit

Arkose Cyber Threat Intelligence Research (ACTIR) is Arkose Labs’ dedicated counterintelligence unit. Its mandate is focused on threat hunting, risk intelligence, disarmament, and virtual enforcement. The unit is composed of seasoned threat researchers and data scientists, located around the world, enabling the team to take a “sun-never-sets” approach to threat detection and mitigation. ACTIR plays a pivotal role in keeping the biggest enterprises in the world safe from bot incursions, fraud farms, and hybrid automated attacks. 

Threat Actor Dossier: Greasy Opal

Greasy Opal: Greasing the Skids for Cybercrime

Read Dossier

Treat Actor Dossier: Veiled Marble

Veiled Marble: Diverting Innocents Towards Hidden Exploits

Read Dossier

About Arkose Labs

Arkose Labs protects enterprises from cybercrime and abuse, helping category leaders, frontier businesses, and the most recognizable brands globally create a safe online environment for their consumers by detecting and mitigating cyber attacks.

ACTIR Unit Threat Research Taxonomy

Access Now

Recent News

Blog

Storm-1152: A Continuing Battle Against Cybercrime
Blog

Bold Action Against Fraud: Disrupting Storm-1152
Blog

CaaS Alert: The Disruption of Storm-1152

Discover how Microsoft, with threat intelligence from ACTIR, disrupted one of the largest and most notorious threat actor groups to build cybercrime-as-a-service businesses.
Press Release

Disrupting the Gateway Services to Cybercrime

Learn how a cybercriminal ring headquartered in Vietnam built and sold tools to bypass enterprise security controls, creating hundreds of millions of phony online accounts.
Report

Breaking (Bad) Bots: Bot Abuse Analysis and Other Fraud Benchmarks

Deepen your understanding of the contemporary attack landscape, how GenAI and CaaS are driving a surge in attacks, and threat intelligence by industry, region, and attack type.
Blog

Disrupting the Gateway Services to Cybercrime by Microsoft

Learn about Microsoft’s actions against Storm-1152, aimed to raise cybercriminals’ cost of doing business while protecting Microsoft customers and other online users.
News

Cybercrime operation that sold millions of fraudulent Microsoft accounts disrupted
News

Microsoft cracks down on group operating ‘cybercrime-as-a-service’
News

Microsoft disrupts credentials marketplace, warns of gift card fraud, OAuth abuse
News

Microsoft disrupts cybercrime group that created 750M+ fake accounts
News

Microsoft disrupts cybercrime operation selling fraudulent accounts to notorious hacking gang
News

Microsoft Disrupts Cybercrime Service That Created 750 Million Fraudulent Accounts
News

Microsoft Exposes and Dismantles Cybercrime Syndicate Storm-1152
News

Microsoft seizes infrastructure of top cybercrime group
News

Microsoft Seizes Websites That Created 750 Million Fake Accounts
News

Microsoft Takes Down Group Selling Fake Accounts to Hacking Gangs
News

Microsoft Takes Legal Action to Crack Down on Storm-1152’s Cybercrime Network
News

Microsoft targets CAPTCHA-cracking bot ring allegedly responsible for 750M fake accounts
News

What Is Storm-1152, Alleged Top Creator Of Fake Microsoft Accounts?