Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

Microsoft Takes Legal Action Against Hackers

January 13, 2025
Reading Time: 2 mins read
in News
Italy Considers Telecom Deal Amid Debate

Microsoft has initiated legal action against a foreign-based threat actor group for operating a hacking-as-a-service infrastructure targeting its generative AI services. The group used sophisticated software to exploit exposed customer credentials, which were scraped from public websites. By unlawfully accessing accounts linked to Microsoft’s Azure OpenAI Service, they altered the capabilities of the AI services to produce offensive and harmful content. The group monetized their access by selling it to other malicious actors, who were provided with instructions on how to use the compromised services to generate dangerous content. This activity was discovered by Microsoft’s Digital Crimes Unit (DCU) in July 2024.

The hackers utilized a variety of tools to facilitate their illegal activities:

The hackers utilized a variety of tools to facilitate their illegal activities, including a reverse proxy service called “oai reverse proxy,” which helped them issue API calls to Microsoft’s Azure OpenAI Service using stolen API keys. They created custom applications like “de3u,” a frontend that enabled the users to access the service and generate harmful images through the DALL-E model. These unauthorized API calls were authenticated using stolen API keys and other authentication details, which were gathered through systematic theft from various customers, including U.S.-based companies.

Microsoft’s investigation revealed that the hackers took steps to conceal their actions by attempting to delete certain pages and repositories linked to their operation. This included removing GitHub repositories and infrastructure related to the reverse proxy tool after the seizure of the domain “aitism.net,” which was central to their operation. Despite these attempts to cover their tracks, Microsoft successfully identified the perpetrators and obtained a court order to seize the domain, along with implementing measures to prevent further illegal access to its AI services.

The attack highlights a growing trend of cybercriminals exploiting AI tools for malicious purposes, with Microsoft noting that similar attacks have been observed in the past. Microsoft’s legal filing emphasized that the threat actors targeted not just the Azure OpenAI Service, but other AI service providers as well, suggesting a coordinated effort to breach multiple platforms. This incident underscores the challenges of securing AI services and the ongoing threats from malicious actors who use stolen cloud credentials to abuse AI infrastructure.

Reference:
  • Microsoft Takes Legal Action Against Foreign Hackers Exploiting AI Services
Tags: Cyber NewsCyber News 2025Cyber threatsJanuary 2025Microsoft
ADVERTISEMENT

Related Posts

New CISA Budget Slashes Staff And Funds

New CISA Budget Slashes Staff And Funds

June 3, 2025
New CISA Budget Slashes Staff And Funds

Microsoft and CrowdStrike Align Hacker Names

June 3, 2025
New CISA Budget Slashes Staff And Funds

Aussie Ransom Reporting Rules Now In Effect

June 3, 2025
Senators Urge CSRB Return For Salt Typhoon

Senators Urge CSRB Return For Salt Typhoon

June 2, 2025
Senators Urge CSRB Return For Salt Typhoon

Authorities Takedown Malware Hiding Tools

June 2, 2025
Senators Urge CSRB Return For Salt Typhoon

Alleged Conti and Trickbot Leader Unmasked

June 2, 2025

Latest Alerts

Fake FB Ban Fix Extension Steals Accounts

Actively Exploited Chrome V8 Flaw Patched

DevOps Servers Hit By JINX0132 Crypto Mine

Linux Core Dump Flaws Risk Password Leaks

GitHub Code Flaw Replicated By AI Models

Google Script Used In New Phishing Scams

Subscribe to our newsletter

    Latest Incidents

    Cartier Data Breach Exposes Client Info

    White House Chief of Staff’s Phone Hacked

    The North Face Hit By 4th Credential Hack

    Covenant Health Cyberattack Shuts Hospitals

    Moscow DDoS Attack Cuts Internet For Days

    Puerto Rico’s Justice Department Cyberattack

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial