Microsoft has filed a lawsuit against 10 individuals allegedly part of a hacking-as-a-service scheme over their purported use of breached Azure OpenAI services to generate malicious content between July and August, CyberScoop reports.
Aside from leveraging stolen API keys to compromise Azure OpenAI-using devices and accounts, the defendants also utilized a software tool to better understand phrases flagged by Microsoft and OpenAI, claimed the lawsuit. Microsoft's legal action has also been accompanied by a temporary restraining order enabling the firm to sequester the alleged hackers' domain. "The seizure of this domain enables [Microsoft] to redirect communications occurring on the malicious domain to our [Digital Crimes Unit] sinkhole, making it available for the investigative team's analysis. In addition to the initial seizure, we also secured expedited discovery to further our investigation as well as preserve evidence at the locations we identified as hosting part of the 'infrastructure' used by the defendants," said a Microsoft spokesperson.
