A new wave of cyber extortion is shaking the art community. The popular freelance art platform Artists&Clients has fallen victim to a ransomware attack orchestrated by the hacker group LunaLock, which is demanding a $50,000 ransom. What makes this case unique is the hackers’ threat: if the ransom is not paid, they will release stolen artworks and user data to companies developing artificial intelligence (AI) models, potentially exposing sensitive information and creative works to AI training datasets.
The attack began in late August when LunaLock infiltrated the platform, stealing and encrypting its data. Hackers claim to have obtained the site’s source code, user data, and unique artworks from artists. They added a ticking countdown timer, giving the website’s administrators only a few days to respond. Payment is demanded in Bitcoin or Monero, making the transaction difficult to trace.
According to LunaLock, if the ransom remains unpaid, the stolen content will be published on the dark web via a Tor site, exposing both personal data and copyrighted materials. Such a leak could lead to severe legal consequences, including violations of the EU’s GDPR regulations and other international data protection laws. For Artists&Clients, this could mean not only reputational damage but also hefty fines.
What sets this case apart from typical ransomware attacks is the AI angle. LunaLock has explicitly stated that the stolen artworks could be transferred to AI developers, effectively integrating them into training datasets for large language and image models. This is a new tactic in the cybercrime landscape, as highlighted by Tammy Harper, Senior Threat Researcher at cybersecurity firm Flare. Harper notes this is the first time she has seen criminals use AI training threats as leverage in extortion. Traditionally, ransomware groups threaten only to leak or sell data. By introducing the risk of AI exploitation, LunaLock is targeting a highly sensitive issue for the artist community, where intellectual property rights are already under strain due to generative AI.
Experts warn that this strategy could increase the pressure on victims. Artists fear that their work, once stolen, could be endlessly replicated by AI systems, stripping away ownership and artistic value. LunaLock is likely counting on this fear to push both artists and clients into pressuring the site’s administrators to comply with the ransom demands.
At present, the Artists&Clients platform remains offline, showing a Cloudflare error page. This suggests the administrators may be attempting mitigation measures, but no official statement has been released regarding ransom negotiations or data recovery.
Conclusion
The LunaLock attack on Artists&Clients highlights a dangerous new intersection between cybercrime and AI ethics. By threatening to funnel stolen artworks into AI datasets, hackers have weaponized one of the most contentious debates in the creative industry. Whether the ransom is paid or not, this incident underscores the urgent need for better cybersecurity measures in platforms handling creative and sensitive data, as well as stronger legal frameworks to address the misuse of artistic works in the AI era.
