Microsoft names cybercriminals behind AI deepfake network

Microsoft has named multiple threat actors who are part of a cybercrime gang accused of developing malicious tools capable of bypassing generative AI guardrails to generate celebrity deepfakes and other illicit content. As the company explained today, these threat actors are key members of a global cybercrime gang that it tracks as Storm-2139.

"Members of Storm-2139 exploited exposed customer credentials scraped from public sources to unlawfully access accounts with certain generative AI services," said Steven Masada, Assistant General Counsel at Microsoft's Digital Crimes Unit.

Microsoft found during the investigation that the Storm-2139 crime network is organized into three categories: creators, providers, and users. Creators developed the tools that facilitated the misuse of AI-generated services, while providers adapted and distributed these illicit tools to end users, who employed them to generate content, frequently focused on sexual imagery and celebrities, that violated Microsoft's Acceptable Use Policy and Code of Conduct.

A temporary restraining order and preliminary injunction issued after the initial filing allowed Microsoft to disrupt the group's ability to use its services illegally by seizing a key website that was part of the criminal ring's infrastructure. Microsoft added that the seizure caused Storm-2139 members to turn on each other and speculate about who the "John Does" in the filings were. Microsoft's legal team also received multiple emails, including from several suspected members of Storm-2139 who blamed others in the operation for the malicious activity.

An updated complaint identifies the individuals as Arian Yadegarnia from Iran (aka 'Fiz'), Alan Krysiak of the United Kingdom (aka 'Drago'), Ricky Yuen from Hong Kong, China (aka 'cg-dot'), and Phát Phùng Tấn of Vietnam (aka 'Asakuri').

"We are pursuing this legal action now against identified defendants to stop their conduct, to continue to dismantle their illicit operation, and to deter others intent on weaponizing our AI technology," Masada added today.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 27 Feb 2025 18:20:08 +0000

