Storm-2139 is a threat actor. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does Storm-2139 exploit?

Specific CVE exploitation data for Storm-2139 is being tracked. Check the Strobes VI threat actor profile for updates.

Storm-2139

Exploited CVEs

Overview

Storm-2139 is a cybercrime group that exploited stolen API keys from compromised Azure OpenAI Service accounts to generate harmful content, including non-consensual intimate imagery, using the DALL-E model. The group utilized reverse proxy infrastructure and custom software to bypass guardrails in Microsoft’s GenAI services. Microsoft has filed a lawsuit against four individuals associated with Storm-2139, alleging they modified customer systems and resold access to these capabilities. The group systematically harvested authentication tokens from U.S.-based enterprises and is linked to a broader network of illicit AI tool development and distribution.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database