Microsoft revealed four individuals behind a cybercrime scheme called LLMjacking, targeting its Azure OpenAI Service. The group, tracked as Storm-2139, is accused of exploiting unauthorized access to generative AI services to produce and sell harmful content. This includes creating non-consensual images and other illicit material. Microsoft has taken legal actions against these actors, citing API key theft and has targeted a significant website involved in the operation. The group consists of creators who develop tools and providers who modify and distribute them for misuse.
"Members of Storm-2139 exploited exposed customer credentials scraped from public sources to unlawfully access accounts with certain generative AI services."
"They then altered the capabilities of these services and resold access to other malicious actors, providing detailed instructions on how to generate harmful and illicit content."
Collection
[
|
...
]