Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

Microsoft Takes Legal Action Against Hackers

January 13, 2025
Reading Time: 2 mins read
in News
Italy Considers Telecom Deal Amid Debate

Microsoft has initiated legal action against a foreign-based threat actor group for operating a hacking-as-a-service infrastructure targeting its generative AI services. The group used sophisticated software to exploit exposed customer credentials, which were scraped from public websites. By unlawfully accessing accounts linked to Microsoft’s Azure OpenAI Service, they altered the capabilities of the AI services to produce offensive and harmful content. The group monetized their access by selling it to other malicious actors, who were provided with instructions on how to use the compromised services to generate dangerous content. This activity was discovered by Microsoft’s Digital Crimes Unit (DCU) in July 2024.

The hackers utilized a variety of tools to facilitate their illegal activities:

The hackers utilized a variety of tools to facilitate their illegal activities, including a reverse proxy service called “oai reverse proxy,” which helped them issue API calls to Microsoft’s Azure OpenAI Service using stolen API keys. They created custom applications like “de3u,” a frontend that enabled the users to access the service and generate harmful images through the DALL-E model. These unauthorized API calls were authenticated using stolen API keys and other authentication details, which were gathered through systematic theft from various customers, including U.S.-based companies.

Microsoft’s investigation revealed that the hackers took steps to conceal their actions by attempting to delete certain pages and repositories linked to their operation. This included removing GitHub repositories and infrastructure related to the reverse proxy tool after the seizure of the domain “aitism.net,” which was central to their operation. Despite these attempts to cover their tracks, Microsoft successfully identified the perpetrators and obtained a court order to seize the domain, along with implementing measures to prevent further illegal access to its AI services.

The attack highlights a growing trend of cybercriminals exploiting AI tools for malicious purposes, with Microsoft noting that similar attacks have been observed in the past. Microsoft’s legal filing emphasized that the threat actors targeted not just the Azure OpenAI Service, but other AI service providers as well, suggesting a coordinated effort to breach multiple platforms. This incident underscores the challenges of securing AI services and the ongoing threats from malicious actors who use stolen cloud credentials to abuse AI infrastructure.

Reference:
  • Microsoft Takes Legal Action Against Foreign Hackers Exploiting AI Services
Tags: Cyber NewsCyber News 2025Cyber threatsJanuary 2025Microsoft
ADVERTISEMENT

Related Posts

Tor Browser 14.5.2 Security Privacy Update

CISA Officially Announced Its New Deputy Director

May 20, 2025
Tor Browser 14.5.2 Security Privacy Update

Tor Browser 14.5.2 Security Privacy Update

May 20, 2025
Tor Browser 14.5.2 Security Privacy Update

Civil Coalition Opposes EU GDPR Changes

May 20, 2025
UK Cyber Talent Demand High With Skills Gap

Japan enacts a new Cyberdefense Law

May 19, 2025
UK Cyber Talent Demand High With Skills Gap

Hackers Net $1M For ZeroDay Flaws at Pwn2Own

May 19, 2025
UK Cyber Talent Demand High With Skills Gap

UK Cyber Talent Demand High With Skills Gap

May 19, 2025

Latest Alerts

W3LL Phishing Kit Steals Microsoft Logins

Windows 10 Intel BitLocker Bug Fixed

Zoom Phishing Attack Steals Corporate Logins

Mozilla Urgent Firefox Patch Fixes RCE Flaws

ModiLoader Malware Targets Windows Users

Glibc Flaw Gives Linux Root Access Risk

Subscribe to our newsletter

    Latest Incidents

    Belgian mobile customers’ data leaked

    Promises2Kids Data Breach Hits Foster Youth

    RVTools Compromised With a Trojanized Installer

    Massive DDoS Hits Poland’s Civic Platform

    Arla Plant Cyberattack Halts Operations

    Georgia’s Harbin Clinic Hit by Data Breach

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial