Microsoft Identifies Cybercriminals Exploiting AI Tools for Deepfake Creation

The company named four members of the global network Storm-2139, accused of bypassing AI safety measures to generate harmful content, including celebrity deepfakes.

• Microsoft amended a December 2024 lawsuit to name four individuals allegedly involved in abusing its Azure OpenAI services: Arian Yadegarnia (Iran), Alan Krysiak (UK), Ricky Yuen (Hong Kong), and Phát Phùng Tấn (Vietnam).
• The group, tracked as Storm-2139, allegedly exploited leaked API keys to bypass AI safety guardrails and resold access to others, enabling the creation of non-consensual explicit content.
• Storm-2139 is reportedly organized into creators, providers, and users, with roles ranging from tool development to distributing and misusing AI services.
• Microsoft seized key domains linked to the operation, prompting internal discord among group members and aiding in the identification of suspects.
• The company is pursuing legal actions to dismantle the operation and collaborating with law enforcement on potential criminal referrals in the U.S. and abroad.

3 Articles

The Register Gizmodo BleepingComputer