Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

Microsoft Takes Legal Action Against Hackers

January 13, 2025
Reading Time: 2 mins read
in News
Italy Considers Telecom Deal Amid Debate

Microsoft has initiated legal action against a foreign-based threat actor group for operating a hacking-as-a-service infrastructure targeting its generative AI services. The group used sophisticated software to exploit exposed customer credentials, which were scraped from public websites. By unlawfully accessing accounts linked to Microsoft’s Azure OpenAI Service, they altered the capabilities of the AI services to produce offensive and harmful content. The group monetized their access by selling it to other malicious actors, who were provided with instructions on how to use the compromised services to generate dangerous content. This activity was discovered by Microsoft’s Digital Crimes Unit (DCU) in July 2024.

The hackers utilized a variety of tools to facilitate their illegal activities:

The hackers utilized a variety of tools to facilitate their illegal activities, including a reverse proxy service called “oai reverse proxy,” which helped them issue API calls to Microsoft’s Azure OpenAI Service using stolen API keys. They created custom applications like “de3u,” a frontend that enabled the users to access the service and generate harmful images through the DALL-E model. These unauthorized API calls were authenticated using stolen API keys and other authentication details, which were gathered through systematic theft from various customers, including U.S.-based companies.

Microsoft’s investigation revealed that the hackers took steps to conceal their actions by attempting to delete certain pages and repositories linked to their operation. This included removing GitHub repositories and infrastructure related to the reverse proxy tool after the seizure of the domain “aitism.net,” which was central to their operation. Despite these attempts to cover their tracks, Microsoft successfully identified the perpetrators and obtained a court order to seize the domain, along with implementing measures to prevent further illegal access to its AI services.

The attack highlights a growing trend of cybercriminals exploiting AI tools for malicious purposes, with Microsoft noting that similar attacks have been observed in the past. Microsoft’s legal filing emphasized that the threat actors targeted not just the Azure OpenAI Service, but other AI service providers as well, suggesting a coordinated effort to breach multiple platforms. This incident underscores the challenges of securing AI services and the ongoing threats from malicious actors who use stolen cloud credentials to abuse AI infrastructure.

Reference:
  • Microsoft Takes Legal Action Against Foreign Hackers Exploiting AI Services
Tags: Cyber NewsCyber News 2025Cyber threatsJanuary 2025Microsoft
ADVERTISEMENT

Related Posts

US Seizes $225M In Record Crypto Bust

UK Data Law Risks EU Adequacy Deal

June 20, 2025
US Seizes $225M In Record Crypto Bust

US Seizes $225M In Record Crypto Bust

June 20, 2025
US Seizes $225M In Record Crypto Bust

Argentina Busts Russian Disinformation Ring

June 20, 2025
Iran Slows Internet to Prevent Cyberattacks

Episource data breach affects over 5M patients

June 19, 2025
Iran Slows Internet to Prevent Cyberattacks

Ryuk ransomware’s access enabler extradited

June 19, 2025
Iran Slows Internet to Prevent Cyberattacks

Iran Slows Internet to Prevent Cyberattacks

June 19, 2025

Latest Alerts

Winos 4.0 Malware Hits Taiwan Via Tax Phish

New Amatera Stealer Delivered By ClearFake

New Godfather Trojan Hijacks Banking Apps

Fake Minecraft Mods On GitHub Spread Malware

Fake Invoices Deliver Sorillus RAT In Europe

Russian Phishing Scam Bypasses Google 2FA

Subscribe to our newsletter

    Latest Incidents

    Massive Leak Exposes 16 Billion Credentials

    Tonga Health System Down After Ransomware

    Chinese Spies Target Satellite Giant Viasat

    German Dealer Leymann Hacked Closes Stores

    Hacker Mints $27M From Meta Pool Gets 132K

    UBS and Pictet Hit By Vendor Data Breach

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial