Summary: Microsoft is taking legal action against a foreign-based threat actor group that has exploited its generative AI services to create harmful content and sell access to these services through a hacking-as-a-service model. The company has implemented new safeguards and seized a key website involved in the operation.

Threat Actor: Unknown | unknown
Victim: Microsoft | Microsoft

Key Point :

• Threat actors developed software to exploit stolen customer credentials for unauthorized access to Microsoft’s AI services.
• They monetized this access by selling tools and instructions for generating harmful content.
• Microsoft has revoked access, enhanced security measures, and seized a key website central to the operation.
• The operation involved systematic API key theft from multiple customers, including U.S. companies.
• Evidence suggests the group has targeted other AI service providers beyond Microsoft.