Dark News Live

Menu
Menu

Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme

It also obtained a court order to seize a website (“aitism[.]net”) that is believed to have been a crucial part of the group’s criminal operation.

Storm-2139 consists of three broad categories of people: Creators, who developed the illicit tools that enable the abuse of AI services; Providers, who modify and supply these tools to customers at various price points; and end users who utilize them to generate synthetic content that violate Microsoft’s Acceptable Use Policy and Code of Conduct.

Microsoft said it also identified two more actors located in the United States, who are based in the states of Illinois and Florida. Their identities have been withheld to avoid interfering with potential criminal investigations.

The other unnamed co-conspirators, providers, and end users are listed below –

  • A John Doe (DOE 2) who likely resides in the United States
  • A John Doe (DOE 3) who likely resides in Austria and uses the alias “Sekrit”
  • A person who likely resides in the United States and uses the alias “Pepsi”
  • A person who likely resides in the United States and uses the alias “Pebble”
  • A person who likely resides in the United Kingdom and uses the alias “dazz”
  • A person who likely resides in the United States and uses the alias “Jorge”
  • A person who likely resides in Turkey and uses the alias “jawajawaable”
  • A person who likely resides in Russia and uses the alias “1phlgm”
  • A John Doe (DOE 8) who likely resides in Argentina
  • A John Doe (DOE 9) who likely resides in Paraguay
  • A John Doe (DOE 10) who likely resides in Denmark

“Going after malicious actors requires persistence and ongoing vigilance,” Masada said. “By unmasking these individuals and shining a light on their malicious activities, Microsoft aims to set a precedent in the fight against AI technology misuse.”

Stay Secure, Share the Knowledge! 🔐📢

13 thoughts on “Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme”

Leave a Comment

Your email address will not be published. Required fields are marked *

― Trending News

cyberattack (1)
PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices
llm-data-security
12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
phone-hacking
Amnesty Finds Cellebrite's Zero-Day Used to Unlock Serbian Activist's Android Phone
cyberattack (2)
CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries
How New AI Agents Will Transform Credential Stuffing Attacks
How New AI Agents Will Transform Credential Stuffing Attacks
ai-hackers
Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme

― Must-Read Cyber Updates

llm-data-security
12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
main
RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable
china-hackers
China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access
How New AI Agents Will Transform Credential Stuffing Attacks
How New AI Agents Will Transform Credential Stuffing Attacks
firefox
Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language
russian (1)
Space Pirates Targets Russian IT Firms With New LuckyStrike Agent Malware

― Related Resources

china-hackers
News
China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access
The China-lined threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange...
cyberattack (2)
News
CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries
The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday warned of renewed activity from...
xss
News
Hackers Exploited Krpano Framework Flaw to Inject Spam Ads on 350+ Websites
A cross-site scripting (XSS) vulnerability in a virtual tour framework has been weaponized by malicious...
cyberattack (1)
News
PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices
A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology...
Scroll to Top