Skip to content
  • Home
  • Emerging Technology & News
  • Computer Help
  • Privacy and Security
  • Reimage Windows Repair
The Reimage Blog
Menu
  • Home
  • Emerging Technology & News
  • Computer Help
  • Privacy and Security
  • Reimage Windows Repair
Facebook Twitter
Home  /  Privacy and Security  /  People are already trying to get ChatGPT to write malware
PostedinPrivacy and Security Posted on January 9, 2023

People are already trying to get ChatGPT to write malware

Posted By Kerry.Hershey

Analysis of chatter on dark web forums shows that efforts are already under way to use OpenAI’s chatbot to help script malware.

The ChatGPT AI chatbot has created plenty of excitement in the short time it has been available and now it seems it has been enlisted by some in attempts to help generate malicious code.

ChatGPT is an AI-driven natural language processing tool which interacts with users in a human-like, conversational way. Among other things, it can be used to help with tasks like composing emails, essays and code. 

The chatbot tool was released by artificial intelligence research laboratory OpenAI in November and has generated widespread interest and discussion over how AI is developing and how it could be used going forward. 

But like any other tool, in the wrong hands it could be used for nefarious purposes; and cybersecurity researchers at Check Point say the users of underground hacking communities are already experimenting with how ChatGPT might be used to help facilitate cyber attacks and support malicious operations. 

“Threat actors with very low technical knowledge – up to zero tech knowledge – could be able to create malicious tools. It could also make the day-to-day operations of sophisticated cybercriminals much more efficient and easier – like creating different parts of the infection chain,” Sergey Shykevich, threat intelligence group manager at Check Point told ZDNET.  

OpenAI’s terms of service specifically ban the generation of malware, which it defines as “content that attempts to generate ransomware, keyloggers, viruses, or other software intended to impose some level of harm”. It also bans attempts to create spam, as well as use cases aimed at cybercrime.

However, analysis of activity in several major underground hacking forums suggests that cyber criminals are already using ChatGPT to develop malicious tools – and in some cases, it’s already allowing low-level cyber criminals with no development or coding skills to create malware. 

In one forum thread which appear towards the end of December, the poster described how they were using ChatGPT to recreate malware strains and techniques described in research publications and write-ups about common malware. 

By doing this, they’ve been able to create a Python-based information stealer malware which searches for common files including Microsoft Office documents, PDFs and images, copies them then uploads them to a file transfer protocol server. 

The same user also demonstrated how they’d used ChatGPT to create Java-based malware, which using PowerShell could be harnessed to covertly download and run other malware onto infected systems. 

Researchers note that the forum user making these threads appears to be “tech-oriented” and shared the posts to show less technically capable cybercriminals how to utilize AI tools for malicious purposes, complete with real examples of how it can be done. 

One user posted a Python script, which they said was the first script they ever created. After discussion with another forum member, they said that ChatGPT helped them to create it. 

Analysis of the script suggest it’s designed to encrypt and decrypt files, something that with some work, could be turned into ransomware, potentially leading to the prospect of low-level cyber criminals developing and distributing their own extortion campaigns. 

“All of the afore-mentioned code can of course be used in a benign fashion. However, this script can easily be modified to encrypt someone’s machine completely without any user interaction. For example, it can potentially turn the code into ransomware if the script and syntax problems are fixed,” said Check Point.

“It will require some improvements in the code and syntax, but conceptually when operational, this tool could carry out similar actions to ransomware,” said Shykevich.

But it isn’t just malware development which cyber criminals are experimenting with ChatGPT for; on New Year’s Eve, one underground forum member posted a thread demonstrating how they’d used the tool to create scripts which could be operate an automated dark web marketplace for buying and selling stolen account details, credit card information, malware and more. 

The cyber criminal even showed off a piece of code that was generated using a third-party API to to get up-to-date prices for Monero, Bitcoin and Ethereum cryptocurrencies as part of a payment system for a dark web marketplace. 

It’s difficult to tell if malicious cyber activity generated with the aid of ChatGPT is actively functioning in the wild, because as Sykevich explains, “from a technical stand point it’s extremely difficult to know whether a specific malware was written using ChatGPT or not”. 

But as interest in ChatGPT and other AI tools grows, they’re going to attract the attention of cyber criminals and fraudsters looking to exploit the technology to help conduct malicious campaigns at low-cost and with the least effort necessary. ZDNET has contacted OpenAI for comment, but is yet to receive a response at the time of publication. 

Written by: Danny Palmer, Senior Writer
Source: ZDNet.com
Featured Image Credit: Getty/NurPhoto

Share on Facebook Share on Twitter
Previous Article
Paula Abdul Talks Up Her ‘Smart Audio Glasses’ at CES
Next Article
Royal Mail’s ‘Cyber Incident’ Turns Out to Be Ransomware

About Author

Kerry.Hershey

Related Posts

  • Royal Mail’s ‘Cyber Incident’ Turns Out to Be Ransomware

    January 13, 2023
  • Hardware drivers approved by Microsoft used in ransomware attacks

    December 14, 2022
  • EU’s ‘Right to Be Forgotten’ Includes False Claims About People

    December 12, 2022
Scan Now

Categories

  • Business
  • Computer Help
  • Emerging Technology & News
  • Privacy and Security
  • Reviews

Reviews

Reimage Social

Security

Popular Posts

  • PCWorld calls Reimage “A Fantastic Repair Utility “ July 26, 2011 Reviews
  • 4 Ways to Keep the Ghouls & Goblins Away From Your PC October 26, 2010 Archive
  • The PC Key to Happiness – A Properly Maintained OS September 2, 2010 Archive
  • Google says hacked websites were attacking iPhones for years September 12, 2019 Privacy and Security

Random Posts

  • Xbox Series X specs, backward compatibility and everything we know so far April 8, 2020 Reviews
  • Get Moving: How to Fix a Jumpy or Inaccurate Laptop Touchpad August 26, 2022 Computer Help
  • 17 Terminal commands every user should know June 16, 2021 Computer Help
  • The original vision for Windows 10 included hundreds of millions of mobile devices. Credit: Microsoft Corporation
    Windows 10 at five: Don’t get too comfortable, the rules will change again May 8, 2020 Emerging Technology & News
© Copyright 2019
We use cookies to ensure that we give you the best experience on our website.Ok