Microsoft Corp. has taken decisive legal action against foreign-based cybercriminals accused of exploiting its artificial intelligence services for malicious purposes. A Virginia federal judge authorized Microsoft to seize a website allegedly central to the scheme, according to court filings unsealed Friday.
Cybercriminals Allegedly Circumvented AI Safety Measures
In a lawsuit filed last month, Microsoft alleged that an unidentified group of cybercriminals used stolen customer credentials and a custom tool to bypass authentication systems and safety guardrails protecting its Azure OpenAI Service. The group reportedly used the compromised services to generate harmful content and resold access to other bad actors.
Microsoft claimed the defendants’ actions violated multiple laws, including the Computer Fraud and Abuse Act, the Digital Millennium Copyright Act, and the Racketeer Influenced and Corrupt Organizations Act (RICO).
Court Grants Emergency Action
On Dec. 19, U.S. District Judge Michael S. Nachmanoff granted Microsoft a temporary restraining order, enabling the company to:
- Take control of the domain “aitism.net”, allegedly used to execute the scheme.
- Issue subpoenas to third-party providers whose infrastructure had been misused.
- Prevent the defendants from further violations while the case proceeds.
When the defendants failed to appear at a court hearing Friday or respond to the court’s directive, Judge Nachmanoff converted the restraining order into a preliminary injunction, keeping the website under Microsoft’s control pending the case’s resolution.
