Microsoft slår ut hackare bakom AI-utnyttjande

Microsoft Corp. said it has identified US and overseas-based criminal hackers who bypassed guardrails on generative artificial intelligence tools – including the company’s Azure OpenAI services – to generate harmful content, including non-consensual intimate images of celebrities and other sexually explicit content.

The hackers scraped customer logins from public sources and used them to access generative AI services, including Azure OpenAI, the Microsoft cloud product that lets customers use OpenAI’s models, according to the company. The hackers then changed the capabilities of the AI products and sold access to other malicious groups, providing them with instructions on how to create harmful content.

The hackers identified by Microsoft are based in Iran, the UK, Hong Kong and Vietnam. They are allegedly part of a global cybercrime network that Microsoft calls Storm-2139. Two other members are located in Florida and Illinois, but Microsoft said it isn’t naming them to avoid derailing criminal investigations. The software maker said it’s preparing criminal referrals to US and foreign law enforcement.

The action comes as the increasing popularity of generative AI tools fosters concerns about their misuse to generate faked illicit images of public figures and regular individuals, as well to create child sexual abuse material. Companies like Microsoft and OpenAI ban such behavior and take technological steps to block it, but malicious groups can still try to gain unauthorized access.

“We take the misuse of AI very seriously, recognizing the serious and lasting impacts of abusive imagery for victims,”

Steven Masada, assistant general counsel, Microsoft’s Digital Crimes Unit, said Thursday in a blog post.

“Microsoft remains committed to protecting users by embedding robust AI safety measures within our platforms and safeguarding our services from illegal and harmful content.”

Microsoft’s announcement follows a December lawsuit the company filed in the Eastern District of Virginia against 10 “John Does” in a bid to gather more information about the hacking group and disrupt its activities, Masada said in the blog.

The court has issued rulings allowing Microsoft to seize a key website the hackers were using. That, and the unsealing of legal filings last month, generated panic among the hacker group and caused some members to point fingers at each other, which Microsoft was able to observe in order to identify some members, the company said.

Microsoft declined to name the celebrities who were impacted.