Microsoft Sues Group for Exploiting Azure OpenAI Service with Stolen Credentials to Generate Harmful DALL-E Content

Jan 11, 2025, 07:54 AM

Microsoft Corp. has initiated legal action against a group accused of exploiting its Azure OpenAI Service to generate harmful and illicit content. The defendants allegedly used stolen customer credentials, specifically API keys, and custom software, including a tool called de3u, to bypass the safety measures of Microsoft's AI platform. The group is said to have created a 'hacking-as-a-service' scheme, selling access to the compromised service to other malicious actors. Microsoft discovered this activity in July 2024 and has since revoked the group's access, implemented new countermeasures, and obtained a court order to seize a website central to the operation. The lawsuit claims violations of several U.S. laws, including the Computer Fraud and Abuse Act and the Digital Millennium Copyright Act, and seeks to prevent further misuse of its AI technology, particularly the DALL-E image generator.