Content moderation systems

Incidents implicated systems

Incident 9555 Report
Global Cybercrime Network Storm-2139 Allegedly Exploits AI to Generate Deepfake Content

2024-12-19

A global cybercrime network, Storm-2139, allegedly exploited stolen credentials and developed custom tools to bypass AI safety guardrails. They reportedly generated harmful deepfake content, including nonconsensual intimate images of celebrities, and their software is reported to have disabled content moderation, hijacked AI access, and resold illicit services. Microsoft disrupted the operation and filed a lawsuit in December 2024, later identifying key members of the network in February 2025.

Incident 10551 Report
FBI Reports AI Use by Threat Actors in Broader Cyber Context Including Infrastructure Intrusions

2025-04-29

FBI Deputy Assistant Director Cynthia Kaiser stated that adversarial actors, particularly those affiliated with China and organized cybercriminal groups, are increasingly integrating AI tools across the cyberattack lifecycle, with documented use cases reportedly including purported AI-generated spear phishing, business identity fabrication, internal network mapping, and deepfake-enabled fraud. The tools are allegedly already assisting intrusions targeting U.S. infrastructure.

Content moderation systems

Incidents implicated systems

Incident 9555 ReportGlobal Cybercrime Network Storm-2139 Allegedly Exploits AI to Generate Deepfake Content

Incident 10551 ReportFBI Reports AI Use by Threat Actors in Broader Cyber Context Including Infrastructure Intrusions

Related Entities Related EntitiesOther entities that are related to the same incident. For example, if the developer of an incident is this entity but the deployer is another entity, they are marked as related entities.

Related Entities

Unidentified Storm-2139 actor from Illinois

Incidents involved as both Developer and Deployer

Unidentified Storm-2139 actor from Florida

Incidents involved as both Developer and Deployer

Storm-2139

Incidents involved as both Developer and Deployer

Ricky Yuen (cg-dot)

Incidents involved as both Developer and Deployer

Phát Phùng Tấn (Asakuri)

Incidents involved as both Developer and Deployer

Arian Yadegarnia (Fiz)

Incidents involved as both Developer and Deployer

Alan Krysiak (Drago)

Incidents involved as both Developer and Deployer

Victims of deepfake abuse

Incidents Harmed By

OpenAI

Incidents Harmed By

Microsoft

Incidents Harmed By

celebrities

Incidents Harmed By

Azure OpenAI customers

Incidents Harmed By

AI service providers

Incidents Harmed By

Proxy and credential abuse networks

Incidents implicated systems

Microsoft Azure OpenAI Service

Incidents implicated systems

Generative AI platforms

Incidents implicated systems

Azure Abuse Enterprise

Incidents implicated systems

API authentication mechanisms

Incidents implicated systems

AI safety guardrails

Incidents implicated systems

Government of China

Incidents involved as Deployer

Chinese Communist Party

Incidents involved as Deployer

Unknown generative AI developers

Incidents involved as Developer

United States critical infrastructure

Incidents Harmed By

Private companies

Incidents Harmed By

Government agencies

Incidents Harmed By

Employees targeted by phishing

Incidents Harmed By

Employees targeted by deepfake impersonations

Incidents Harmed By

Unknown large language models (LLMs)

Incidents implicated systems

Unknown deepfake technology

Incidents implicated systems

Unknown automated phishing tools

Incidents implicated systems

Incident 9555 Report
Global Cybercrime Network Storm-2139 Allegedly Exploits AI to Generate Deepfake Content

Incident 10551 Report
FBI Reports AI Use by Threat Actors in Broader Cyber Context Including Infrastructure Intrusions

Related Entities