• CheckPoint : Cybercriminals Starting to Use chatGPT

    Home » Forums » Cyber Security Information and Advisories » Code Red – Security/Privacy advisories » CheckPoint : Cybercriminals Starting to Use chatGPT

    Author
    Topic
    #2517967

    https://research.checkpoint.com/2023/opwnai-cybercriminals-starting-to-use-chatgpt/

    At the end of November 2022, OpenAI released ChatGPT, the new interface for its Large Language Model (LLM), which instantly created a flurry of interest in AI and its possible uses. However, ChatGPT has also added some spice to the modern cyber threat landscape as it quickly became apparent that code generation can help less-skilled threat actors effortlessly launch cyberattacks.

    In Check Point Research’s (CPR) previous blog, we described how ChatGPT successfully conducted a full infection flow, from creating a convincing spear-phishing email to running a reverse shell, capable of accepting commands in English. The question at hand is whether this is just a hypothetical threat or if there are already threat actors using OpenAI technologies for malicious purposes…

    CPR’s analysis of several major underground hacking communities shows that there are already first instances of cybercriminals using OpenAI to develop malicious tools. As we suspected, some of the cases clearly showed that many cybercriminals using OpenAI have no development skills at all. Although the tools that we present in this report are pretty basic, it’s only a matter of time until more sophisticated threat actors enhance the way they use AI-based tools for bad…

    On December 29, 2022, a thread named “ChatGPT – Benefits of Malware” appeared on a popular underground hacking forum. The publisher of the thread disclosed that he was experimenting with ChatGPT to recreate malware strains and techniques described in research publications and write-ups about common malware. As an example, he shared the code of a Python-based stealer that searches for common file types, copies them to a random folder inside the Temp folder, ZIPs them and uploads them to a hardcoded FTP server…

    Our analysis of the script confirms the cybercriminal’s claims…

    * Microsoft to invest $10B in OpenAI (already invested $1B).

    • This topic was modified 1 year, 1 month ago by Alex5723.
    • This topic was modified 1 year, 1 month ago by Alex5723.
    Viewing 2 reply threads
    Author
    Replies
    • #2518133

      Any tool can be used for good or ill.

      On permanent hiatus {with backup and coffee}
      offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
      offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
      online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender
    • #2518837

      Any tool can be used for good or ill.

      Disagree. It’s (“smart?”) software so it should be build with safeguards against ill use.

    • #2523154

      Then they create a video simulator that takes one image of you, and moves it around slightly – not much better than a jerky facetime connection – and I’m asking my family for money or saying horrible things. Terrifying.

      Alex is right, and I can’t imagine what the safeguards would be, but yeah.

    Viewing 2 reply threads
    Reply To: CheckPoint : Cybercriminals Starting to Use chatGPT

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: