Hackers Abusing OpenAI’s ChatGPT to Conduct Malware Practices

One hacker shared ChatGPT Android malware code that could hack desired files, compress them, and release them online. The misuse of ChatGPT, an artificially intelligent (AI) chatbot from OpenAI, is a new tactic being used by cybercriminals. Since the ChatGPT app was released towards the end of November 2022, it has grown in popularity, thus it only seems sense that scammers are looking to take advantage of it.

ChatGPT Misused to Build Hacking Tools

A recent research from the Israeli security company Check Point claims that hackers are exploiting ChatGPT to construct new chatbots that imitate young girls in order to entice targets and generate effective hacking tools. Additionally, ChatGPT has the ability to programme malicious software that can spy on users' keystrokes and produce malware. For your information, OpenAI has created ChatGPT as a user interface for its LLM (Large Language Model). However, given that its ability to generate code can easily assist threat actors in launching cyberattacks, cybercriminals have somehow managed to turn it into a menace to the cyber world. On the other side, dating scammers have been seen using ChatGPT to construct convincing personalities, according to Hold Security's creator Alex Holden. In order to acquire the trust of their targets and have more in-depth talks with them, scammers are adopting female identities and impersonating girls.

Potential Dangers

An attacker might produce an authentic-looking spear-phishing email to launch a reverse shell that can take English commands, according to the researchers at Check Point Research, who outlined this in their blog post. Instances when hackers exploited OpenAI to construct dangerous tools, even those without coding expertise, have been reported on numerous underground hacking forums. A hacker posted Android malware code created by ChatGPT in one of the articles that Check Point examined. This code might grab desired files, compress them, and then leak them online. One user described how they took advantage of ChatGPT by using it to hack features from Dark Web marketplaces like Silk Road and Alphabay. Another programme that could be used to set up a backdoor on a device and download additional malware onto the infected computer was shared on the forum. Likewise, a user-shared Python script that may encrypt files using the OpenAI programme This was the user's initial tool, according to Check Point researchers. Similar to ransomware, these algorithms could be tweaked for malevolent use to automatically encrypt a device without user intervention. Additionally, fraudsters can employ ChatGPT to create websites and bots that coerce users into disclosing personal information in order to carry out highly specific phishing and social engineering scams.