Microsoft on Thursday did not mask four individuals who said they were behind the Azure Abuse Enterprise Scheme, which involves leveraging unauthorized access to artificial intelligence (Genai) services to produce offensive and harmful content.
Called LLMJacking, the campaign targets a variety of AI products, including Microsoft’s Azure Openai service. The tech giant is tracking the Cybercrime network as the Storm-2139. The individual in the name –
Arian Yodegarnia of Iran, aka “Fizz” of Iran, Alan Krisiaq “Drago” of the UK, and CG-Dot of Hong Kong, China and Hong Kong, aka “Asakuri” of Hong Kong, Vietnam, aka “CG-Dot” of Hong Kong
“Members of Storm-2139 will misuse exposed customer qualifications that have been stripped from public sources to illegally access their accounts with certain generative AI services,” said Steven Masada, assistant adviser at Microsoft’s Digital Crimes Unit (DCU).
“We have since changed the capabilities of these services, reselling access to other malicious actors and providing detailed instructions on how to generate well-known and illegal content.
Malicious activities are explicitly carried out with the intention of bypassing the safety guardrails of the generated AI system, Redmond added.
The revised complaint took a month after Microsoft said it was engaged in major theft of systematic APIs from several customers, including several US companies, and then pursued legal action against threat actors to monetize access to other parties.
It also obtained a court order to seize the website (“Aitism[.]net”) It is considered an important part of the group’s crime operations.
Storm-2139 consists of three broad categories of creators who developed illegal tools that enable the abuse of AI services. Providers who change and offer these tools to their customers at different price points. and end users who use them to generate synthetic content that violates Microsoft’s acceptable usage policies and codes of conduct.
Microsoft also said it has identified two more actors in the US, based in Illinois and Floria. Their identity is withheld to avoid obstructing potential criminal investigations.
Other unnamed co-conspirators, providers and end users are listed below –
John Doe (DOE 2) who is likely to reside in the US will use John Doe (DOE 3) who is likely to reside in Austria and may reside in the US, who uses “Pepsi” for the US, and who uses people who use people who use people who use people who use people who are resident in the US. The alias “Jorge” uses people who may live in Turkey and use the alias “Java Javaable” and people who live in Russia and use the alias “1phlgm”.
“It takes tenacity and continued vigilance to chase a malicious actor,” Masada said. “By chasing away these individuals and shedding light on their malicious activities, Microsoft aims to set a precedent in the fight against the misuse of AI technology.”
Source link
