Cybersecurity researchers are concerned about the misuse of ChatGPT by some individuals with bad intentions, who use the tool to write malware.
In recent weeks, OpenAI has put artificial intelligence back in the spotlight by launching its conversational agent ChatGPT (now freely accessible in version 3.5) to the general public. As formidable and promising as it is, the interface, capable of generating code, could prove to be a key ally for low-skilled cybercriminals. Researchers from the cyber company Check Point Research have also identified several hacking tools created from the OpenAI platform.
Information-stealing software created using ChatGPT
Cyber specialists first identified a case ofinfostealer, an information stealer dubbed “ChatGPT – Benefits of Malware”, appeared on a popular hacking forum. The author of the post explains having recreated strains of malware, on code based on Python.
The malware developed by the individual with help from ChatGPT has the ability to search for files, copy them, compress them and even exfiltrate them, uploading them to a hard-coded FTP server.
Check Point Research has analyzed the script and confirmed the information provided by the cybercriminal. ” This is indeed an infostealer that searches for 12 common file types, such as Office documents, PDFs and images, across the entire system. “, explain the researchers to us. The same actor has also used the conversational agent to write Java code and create malware that, thanks to PowerShell, allows the download and execution of other malware.
A use of the conversational agent that comes to help malicious individuals with limited cyber skills
At the end of December, researchers discovered a Python script, again generated via ChatGPT. Its author explains that its creator had never created a script before. However, this one can completely encrypt and decrypt files. While it looks benign, the script can actually be maliciously modified to encrypt a third-party machine, without user interaction. That is, it can turn into ransomware.
If the individual in question is not a developer and his technical skills remain limited, he is today engaged in various illicit operations, such as the sale of access to compromised companies and stolen databases, which which gives an idea of the potential danger.
The third case dates back to December 31. Here we are dealing with another member from the underground forum, who this time does not turn to malware, but rather focuses on the business part of the dark web. He used ChatGPT to develop scripts capable of running an automated marketplace on the dark web, to buy and sell stolen bank accounts and information, malware, weapons and even drugs. The hacker even published part of the code that embeds the third-party API helping him to obtain the real-time prices of the various cryptocurrencies, to use it as a payment system for the dark web marketplace.
Source : Check Point Research
5