Git-Mirrors/DISARMframeworks
1
0
Fork 0
mirror of https://github.com/DISARMFoundation/DISARMframeworks.git synced 2024-12-19 21:04:19 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity
7b57759624
DISARMframeworks/generated_pages/techniques/T0154.002.md

9.7 KiB
Raw Blame History

Technique T0154.002: AI Media Platform

  • Summary: AI Media Platforms are online platforms that allow people to create Accounts which they can use to produce image, video, or audio content (also known as “deepfakes”) using the platforms AI Software.

    Midjourney, DALL-E, Stable Diffusion, and Adobe Firefly are examples of AI Media Platforms which allow users to Develop AI-Generated Images, AI-Generated Videos and AI-Generated Account Imagery.

    Similarly, Reface, Zao, FaceApp, and Wombo are mobile apps which offer features for creating AI-Generated videos, gifs, or trending memes.

    AI-Generated Audio such as text-to-speech and voice cloning have revolutionised the creation of synthetic voices that closely mimic human speech. AI Media Platforms such as Descript, Fliki, Murf AI, PlayHT, and Resemble AI can be used to generate synthetic voice.

    Some platforms implement protections against misuse of AI by their users. Threat Actors have been observed bypassing these protections using prompt injections, poisoning, jailbreaking, or integrity attacks.

  • Belongs to tactic stage: TA07

Incident Descriptions given for this incident
I00096 China ramps up use of AI misinformation The Microsoft Threat Analysis Centre (MTAC) published a report documenting the use of AI by pro-Chinese threat actors:

On 13 January, Spamouflage [(a Pro-Chinese Communist Party actor)] posted audio clips to YouTube of independent candidate [for Taiwans Jan 2024 presidential election] Terry Gou who also founded electronics giant Foxconn in which Gou endorsed another candidate in the race. This clip was almost certainly AI-generated, and it was swiftly removed by YouTube. A fake letter purporting to be from Gou, endorsing the same candidate, had already circulated Gou had of course made no such endorsement.

Here Spamoflage used an account on YouTube to post AI Generated audio impersonating an electoral candidate (T0146: Account Asset, T0152.006: Video Platform, T0115: Post Content, T0088.001: Develop AI-Generated Audio (Deepfakes), T0143.003: Impersonated Persona, T0097.110: Party Official Persona).

Spamouflage also exploited AI-powered video platform CapCut which is owned by TikTok backers ByteDance to generate fake news anchors which were used in a variety of campaigns targeting the various presidential candidates in Taiwan.

Spamoflage created accounts on CapCut, which it used to create AI-generated videos of fabricated news anchors (T0146: Account Asset, T0154.002: AI Media Platform, T0087.001: Develop AI-Generated Video (Deepfakes), T0143.002: Fabricated Persona, T0097.102: Journalist Persona).
I00099 More Women Are Facing The Reality Of Deepfakes, And Theyre Ruining Lives Last October, British writer Helen was alerted to a series of deepfakes on a porn site that appear to show her engaging in extreme acts of sexual violence. That night, the images replayed themselves over and over in horrific nightmares and she was gripped by an all-consuming feeling of dread. “Its like youre in a tunnel, going further and further into this enclosed space, where theres no light,” she tells Vogue. This feeling pervaded Helens life. Whenever she left the house, she felt exposed. On runs, she experienced panic attacks. Helen still has no idea who did this to her.

[...]

Amnesty International has been investigating the effects of abuse against women on Twitter, specifically in relation to how they act online thereafter. According to the charity, abuse creates what theyve called “the silencing effect” whereby women feel discouraged from participating online. The same can be said for victims of deepfakes.

Helen has never been afraid to use her voice, writing deeply personal accounts of postnatal depression. But the deepfakes created a feeling of shame so strong she thought shed be carrying this “dirty secret” forever, and so she stopped writing.

[...]

Meanwhile, deepfake communities are thriving. There are now dedicated sites, user-friendly apps and organised request procedures. Some sites allow you to commission custom deepfakes for £25, while on others you can upload a womans image and a bot will strip her naked.

“This violation is not something that should be normalised,” says Gibi, an ASMR artist with 3.13 million YouTube subscribers. Gibi has given up trying to keep tabs on the deepfakes of her. For Gibi, the most egregious part of all of this is the fact that people are “profiting off my face, doing something that I didnt consent to, like my suffering is your livelihood.” Shes even been approached by a company offering to remove the deepfakes — for £500 a video. This has to end. But how?

A website hosting pornographic content provided users the ability to create deepfake content (T0154.002: AI Media Platform, T0086.002: Develop AI-Generated Images (Deepfakes)).

Another website enabled users to commission custom deepfakes (T0152.004: Website Asset, T0148.004: Payment Processing Capability, T0086.002: Develop AI-Generated Images (Deepfakes), T0155.005: Paid Access Asset).
I00100 Why ThisPersonDoesNotExist (and its copycats) need to be restricted You might have heard about the recent viral sensation, ThisPersonDoesNotExist.com, a website, launched two weeks ago, that uses Nvidias publicly available artificial intelligence technology to draw an invented, photo-realistic human being with each refresh. The tech is impressive and artistically evocative. Its also irresponsible and needs to be restricted immediately.

[...]

Prior to this technology, scammers faced three major risks when using fake photos. Each of these risks had the potential to put them out business, or in jail.

Risk #1: Someone recognizes the photo. While the odds of this are long-shot, it does happen.

Risk #2: Someone reverse image searches the photo with a service like TinEye or Google Image Search and finds that its been posted elsewhere. Reverse image search is one of the top anti-fraud measures recommended by consumer protection advocates.

Risk #3: If the crime is successful, law enforcement uses the fake photo to figure out the scammers identity after the fact. Perhaps the scammer used an old classmates photo. Perhaps their personal account follows the Instagram member they pilfered. And so on: people make mistakes.

The problem with AI-generated photos is that they carry none of these risks. No one will recognize a human whos never existed before. Google Image Search will return 0 results, possibly instilling a false sense of security in the searcher. And AI-generated photos dont give law enforcement much to work with.

ThisPersonDoesNotExist is an online platform which, when visited, produces AI generated images of peoples faces (T0146.006: Open Access Platform, T0154.002: AI Media Platform, T0086.002: Develop AI-Generated Images (Deepfakes)).
I00103 The racist AI deepfake that fooled and divided a community “I seriously don't understand why I have to constantly put up with these dumbasses here every day.”

So began what appeared to be a long tirade from the principal of Pikesville High School, punctuated with racist, antisemitic and offensive tropes. It sounded like it had been secretly recorded.

The speaker went on to bemoan “ungrateful black kids” and Jewish people in the community.

The clip, first posted in [January 2024], went viral nationally. But it really struck a nerve in the peaceful, leafy suburb of Pikesville, which has large black and Jewish populations, and in the nearby city of Baltimore, Maryland. Principal Eric Eiswert was put on paid administrative leave pending an investigation.

[...]

But what those sharing the clip didnt realise at the time was that another bombshell was about to drop: the clip was an AI-generated fake.

[...]

[In April 2024], Baltimore Police Chief Robert McCullough confirmed they now had “conclusive evidence that the recording was not authentic”.

And they believed they knew who made the fake.

Police charged 31-year-old Dazhon Darien, the schools athletics director, with several counts related to the fake video. Charges included theft, retaliating against a witness and stalking.

He was arrested at the airport, where police say he was planning to fly to Houston, Texas.

Police say that Mr Darien had been under investigation by Principal Eiswert over an alleged theft of $1,916 (£1,460) from the school. They also allege there had been “work performance challenges” and his contract was likely not to be renewed.

Their theory was that by creating the deepfake recording, he hoped to discredit the principal before he could be fired.

Investigators say they traced an email used to send the original video to a server connected to Mr Darien, and allege that he used Baltimore County Public Schools' computer network to access AI tools. He is due to stand trial in December 2024.

By associating Mr Darien to the server used to email the original AI generated audio, investigators link Darien to the fabricated content (T0149.005: Server Asset, T0088.001: AI Generated Audio (Deepfakes)). They also assert that Darien used computers owned by the school to access platforms used to generate the audio (T0146: Account Asset, T0154.002: AI Media Platform).
Counters Response types

DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW