[alibarber]

Forgive my ignorance - but what's the payoff for fraudsters in getting access to a generative AI service for a short-ish period of time, before they get cut off?

With EC2 / GCC credentials, I could understand going all out on bitcoin mining - but what are they asking the AI to do here that's worth setting up some kind of botnet or automation to sift the internet for compromised keys?

[Aurornis]

Early Generative AI was popular with spammers before it became mainstream because it could be used to write infinite variations of spam messages. Making each message unique is more likely to bypass spam filters.

There are also a lot of AI use cases that require a lot of token spend to brute force a problem. Someone might want to search for security exploits in a codebase but they don’t want to spend the $50,000 in tokens from their own money. Finding someone’s key and using it as hard as possible until getting locked out could move these projects forward.

[LelouBil]

Totally speculating here, but maybe they provide some sort of LLM as a service, and they rotate stolen API keys in the background so they don't have to pay anything ?

Or they use the LLMs for criminal purposes (like automated social engineering) and so the API key can't be traced to their personal info (but they could also use a local model for this, so I don't know).

[lxgr]

There are plenty of services offering AI inference at a discount. Some of these will be using your data for future distillation; others might be making use of bulk discounts and passing these through to a number of individual users (while taking on billing, support etc. risk) – and maybe some are just selling tokens falling off the back of a truck?

[pqnet]

Generating distillation data of a competitor's model could also be a valid reason to do that. You need a huge amount of tokens to do that (that you don't want to pay yourself), and you would like to use as many different accounts that can't be traced back to a single source to make it harder to detect the attempt and lead it back to you.

[varispeed]

If they work for hostile state, the payoff is destruction of economy and social contract. Damage here, damage there. It all adds up.

[croes]

Generate phishing mails, spam mails, disinformation pictures and videos.

Youtube has plenty of scam ads where well known people try to get you to sign up for the WhatApp group for financial tips