Microsoft names cybercriminals behind AI deepfake network – BleepingComputer
Microsoft confirms it’s killing off Skype in May, after 14 yearsVSCode extensions with 9 million installs pulled over security risksVo1d malware botnet grows to 1.6 million Android TVs worldwideMicrosoft names cybercriminals behind AI deepfake networkU.S. recovers $31 million stolen in 2021 Uranium Finance hackQilin ransomware claims attack at Lee Enterprises, leaks stolen dataPolice arrests suspects tied to AI-generated CSAM distribution ringSerbian police used Cellebrite zero-day hack to unlock Android phonesHow to access the Dark Web using the Tor BrowserHow to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11How to use the Windows Registry EditorHow to backup and restore the Windows RegistryHow to start Windows in Safe ModeHow to remove a Trojan, Virus, Worm, or other MalwareHow to show hidden files in Windows 7How to see hidden files in WindowsRemove the Theonlinesearch.com Search RedirectRemove the Smartwebfinder.com Search RedirectHow to remove the PBlock+ adware browser extensionRemove the Toksearches.xyz Search RedirectRemove Security Tool and SecurityTool (Uninstall Guide)How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundoHow to remove Antivirus 2009 (Uninstall Instructions)How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKillerLocky Ransomware Information, Help Guide, and FAQCryptoLocker Ransomware Information Guide and FAQCryptorBit and HowDecrypt Information Guide and FAQCryptoDefense and How_Decrypt Ransomware Information Guide and FAQQualys BrowserCheckSTOPDecrypterAuroraDecrypterFilesLockerDecrypterAdwCleanerComboFixRKillJunkware Removal TooleLearningIT Certification CoursesGear + GadgetsSecurityBest VPNsHow to change IP addressAccess the dark web safelyBest VPN for YouTubeMicrosoft has named multiple threat actors part of a cybercrime gang accused of developing malicious tools capable of bypassing generative AI guardrails to generate celebrity deepfakes and other illicit content.An updated complaint identifies the individuals as Arian Yadegarnia from Iran (aka ‘Fiz’), Alan Krysiak of the United Kingdom (aka ‘Drago’), Ricky Yuen from Hong Kong, China (aka ‘cg-dot’), and Phát Phùng Tấn of Vietnam (aka ‘Asakuri’).As the company explained today, these threat actors are key members of a global cybercrime gang that it tracks as Storm-2139.”Members of Storm-2139 exploited exposed customer credentials scraped from public sources to unlawfully access accounts with certain generative AI services,” said Steven Masada, Assistant General Counsel at Microsoft’s Digital Crimes Unit.”They then altered the capabilities of these services and resold access to other malicious actors, providing detailed instructions on how to generate harmful and illicit content, including non-consensual intimate images of celebrities and other sexually explicit content.”Microsoft found during the investigation that the Storm-2139 crime network is organized into three categories: creators, providers, and users.Creators developed the tools that facilitated the misuse of AI-generated services, while providers adapted and distributed these illicit tools to end users who employed them to generate content violating Microsoft’s Acceptable Use Policy and Code of Conduct, which was frequently focused on sexual imagery and celebrities.Today’s update follows the company’s lawsuit filed in the Eastern District of Virginia in December 2024 to collect more information on the cybercrime ring’s operations.A temporary restraining order and preliminary injunction issued after the initial filing allowed Microsoft to disrupt the group’s ability to use its services illegally by seizing a key website part of the criminal ring’s infrastructure.Microsoft added that the seizure caused Storm-2139 members to turn on each other and speculate about who the “John Does” in the filings were. Microsoft’s legal team also received multiple emails, including from several suspected members of Storm-2139 who blamed others in the operation for the malicious activity.”We are pursuing this legal action now against identified defendants to stop their conduct, to continue to dismantle their illicit operation, and to deter others intent on weaponizing our AI technology,” Masada added today.”While we have identified two actors located in the United States—specifically, in Illinois and Florida—those identities remain undisclosed to avoid interfering with potential criminal investigations. Microsoft is preparing criminal referrals to United States and foreign law enforcement representatives. “Microsoft raises rewards for Copilot AI bug bounty programGoogle says hackers abuse Gemini AI to empower their attacksMicrosoft tests Edge Scareware Blocker to block tech support scamsPolice arrests suspects tied to AI-generated CSAM distribution ringMicrosoft confirms it’s killing off Skype in May, after 14 yearsCriminals gonna crim..Not a member yet? Register NowVSCode extensions with 9 million installs pulled over security risksOrange Group confirms breach after hacker leaks company documentsHave I Been Pwned adds 284M accounts stolen by infostealer malwareRDP Security Simplified – No VPN, No Firewall Exposure. Get a free TruGrid business trial.5 Browser Security Threats Overlooked by Security Tools. Get the Free ReportOverdue a password health-check? Audit your Active Directory for freeDiscover full attack chains and identify their root cause. Learn more about Automated Security Validation.Integrating LLMs into security operations using Wazuh. Learn how to get started.Terms of Use – Privacy Policy – Ethics Statement – Affiliate DisclosureCopyright @ 2003 – 2025 Bleeping Computer® LLC – All Rights ReservedNot a member yet? Register NowRead our posting guidelinese to learn what content is prohibited.
