Microsoft has taken control of an internet domain used by a foreign-based threat group to generate harmful and illicit AI images through Microsoft’s Azure OpenAI service. The group used stolen login credentials and custom software to bypass security safeguards and access the DALL-E AI image generator.
The hackers created and sold access to malicious tools, including one called “de3u,” which evaded Microsoft’s content filtering. Microsoft discovered the activity in July and revoked access, then filed a lawsuit to seize the domain, used in the hacking scheme.
After the seizure, the hackers attempted to cover their tracks by deleting evidence. Microsoft’s actions aim to prevent further misuse of its AI services and protect users from harmful content.
