Microsoft has charged many threat actors who are members of a cybercrime gang of creating harmful tools that can create celebrity deepfakes and other illegal content by getting past generative AI safeguards.
According to an amended complaint, the persons are Phát Phùng Tấn of Vietnam (also known as “Asakuri”), Alan Krysiak of the United Kingdom (also known as “Drago”), Ricky Yuen of Hong Kong, China (also known as “cg-dot”), and Arian Yadegarnia of Iran (also known as “Fiz”).
These threat actors are important players in a worldwide cybercrime gang that the organization identifies as Storm-2139, the business clarified today.
“Members of Storm-2139 exploited exposed customer credentials scraped from public sources to unlawfully access accounts with certain generative AI services,” said Steven Masada, Assistant General Counsel at Microsoft’s Digital Crimes Unit.
“They then altered the capabilities of these services and resold access to other malicious actors, providing detailed instructions on how to generate harmful and illicit content, including non-consensual intimate images of celebrities and other sexually explicit content.”
During the research, Microsoft discovered that the Storm-2139 criminal network is divided into three groups: users, suppliers, and creators.
The tools that enabled the abuse of AI-generated services were created by creators, and the providers modified and disseminated these illegal tools to end users, who used them to produce content that violated Microsoft’s Acceptable Use Policy and Code of Conduct, which was often centered around celebrities and sexual imagery.
The disclosure comes after the business sued to get more details about the activities of the cybercrime ring in the Eastern District of Virginia in December 2024.
Following the first filing, a preliminary injunction and temporary restraining order were obtained, which enabled Microsoft to seize a crucial website component of the criminal ring’s infrastructure and prevent the organization from using its services unlawfully.
Microsoft further stated that members of Storm-2139 turned against one another as a result of the seizure and began speculating about the identity of the “John Does” in the papers. Multiple emails were also sent to Microsoft’s legal team, including ones from a number of suspected Storm-2139 members who accused other members of the operation of being responsible for the harmful behavior.
“We are pursuing this legal action now against identified defendants to stop their conduct, to continue to dismantle their illicit operation, and to deter others intent on weaponizing our AI technology,” Masada added today.
“While we have identified two actors located in the United States—specifically, in Illinois and Florida—those identities remain undisclosed to avoid interfering with potential criminal investigations. Microsoft is preparing criminal referrals to United States and foreign law enforcement representatives. “
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
