Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme


Microsoft has publicly identified four cybercriminals responsible for an extensive Azure AI abuse scheme known as LLMjacking—a campaign leveraging unauthorized access to generative artificial intelligence (GenAI) services to create harmful and offensive content.


Microsoft Uncovers Storm-2139 Cybercrime Network

The tech giant has been tracking the cybercrime syndicate, dubbed Storm-2139, which has targeted multiple AI services, including Microsoft's Azure OpenAI Service. According to Microsoft, the individuals named in connection with this illicit operation include:

  • Arian Yadegarnia (alias "Fiz") – Iran

  • Alan Krysiak (alias "Drago") – United Kingdom

  • Ricky Yuen (alias "cg-dot") – Hong Kong, China

  • Phát Phùng Tấn (alias "Asakuri") – Vietnam


According to Steven Masada, Assistant General Counsel for Microsoft's Digital Crimes Unit (DCU), Storm-2139 hackers exploited publicly exposed customer credentials to gain unauthorized access to GenAI services. They then modified these AI systems to bypass security protocols and sold access to malicious actors. This access enabled the creation of illicit content, including non-consensual intimate images of celebrities and sexually explicit material.


How LLMjacking Works: API Key Theft and Monetization

The cybercriminals engaged in systematic API key theft from multiple organizations, including several U.S.-based companies. Microsoft had previously announced legal action against these individuals for stealing and monetizing API keys, allowing other threat actors to manipulate AI models for illegal purposes.


As part of the crackdown, Microsoft also obtained a court order to seize the domain "aitism[.]net", which was identified as a critical component in Storm-2139’s operation.


The Role of Storm-2139: Creators, Providers, and End Users

Storm-2139 consists of three major categories of cybercriminals:

  • Creators – Develop illicit tools to exploit AI services.

  • Providers – Modify and distribute these tools at different price points.

  • End Users – Use these tools to generate AI-powered malicious content, violating Microsoft's Acceptable Use Policy and Code of Conduct.


Additional Suspects Identified Across Multiple Countries

Microsoft has also identified additional individuals involved in the LLMjacking scheme, including two actors in the United States (Illinois and Florida). Their identities remain undisclosed to avoid interfering with ongoing criminal investigations.


Other unnamed co-conspirators, providers, and end users include:

  • John Doe (DOE 2) – Likely based in the United States

  • John Doe (DOE 3) "Sekrit" – Austria

  • "Pepsi" – United States

  • "Pebble" – United States

  • "Dazz" – United Kingdom

  • "Jorge" – United States

  • "Jawajawaable" – Turkey

  • "1phlgm" – Russia

  • John Doe (DOE 8) – Argentina

  • John Doe (DOE 9) – Paraguay

  • John Doe (DOE 10) – Denmark


Microsoft’s Commitment to AI Security and Cybercrime Prevention

"Going after malicious actors requires persistence and ongoing vigilance," Masada emphasized. By exposing these cybercriminals, Microsoft aims to set a strong precedent in combating AI abuse.


This landmark action reinforces Microsoft's commitment to cybersecurity, ensuring AI technologies remain secure and resistant to exploitation. As the landscape of AI-driven threats evolves, tech companies and regulatory bodies must remain proactive in identifying, preventing, and prosecuting cybercriminals seeking to misuse artificial intelligence.