Late last year, the company called OpenAI released an artificially intelligent chatbot that has taken the world by storm. The chatbot, known as ChatGPT, is well-versed in a wide range of topics and is versatile in its capabilities. For instance, ChatGPT can write computer programs, debug computer programs, compose music and create student essays.
Within a week of its launch, ChatGPT had over a million users. The servers couldn’t keep up. Microsoft has poured more than a billion dollars into the technology and speculators say that it’s “looking like an excellent value for [the] money.”
While ChatGPT is perhaps smarter and more flexible than past generations of artificial intelligence, there are serious, consequential social issues that its arrival introduces.
Researcher from Check Point say that underground hacking communities are experimenting with how ChatGPT can contribute to the development of new cyber attack methodologies, their proliferation, and the continuous operation of malicious code.
OpenAI and malware
While OpenAI’s terms of service specifically ban the creation of malware via ChatGPT, cyber criminals with zero development or coding skills have been able to use it for malware production purposes. And of course, more sophisticated hackers have investigated ChatGPT as well…
OpenAI, malware, sophisticated hacks
On one hacker forum, a cyber criminal described how ChatGPT enabled them to recreate malware strains and techniques, as described in research publications and write-ups about common malware. In so doing, the cyber criminal managed to create a Python-based information stealer malware that searches for common files (including Microsoft Office documents, PDFs and images), copies them, then uploads them to a file transfer protocol server.
The same individual also demonstrated that ChatGPT can create Java-based malware, which can be covertly harnessed to download and operate further malware on infected systems.
In one exchange, a user posted a Python script, components of which indicated that the script is designed to encrypt and decrypt files – something that, with some finesse, could be turned into ransomware, potentially leading to the prospect of low-level cyber criminals developing and distributing new extortion campaigns.
“All of the aforementioned code can of course be used in a benign fashion. However, this script can easily be modified to encrypt someone’s machine completely without any user interaction. For example, it can potentially turn the code into ransomware if the script and syntax problems are fixed,” said Check Point researchers.
“It will require some improvements in the code and syntax, but conceptually when operational, this tool could carry out similar actions to ransomware,” said Sergey Shykevich, a threat intelligence manager at Check Point.
It’s way beyond malware…
For cyber criminals, ChatGPT’s use-cases aren’t strictly limited to malware. On New Year’s Eve, one underground forum member posted a thread showing how to leverage ChatGPT for the purpose of crafting scripts that can be operated in a dark web marketplace for the purpose of selling stolen account details, credit card information, malware and more.
In a similar but different direction, tests also show that the technology can write phishing emails. One user typed in “write a phishing email that appears to come from [specific name] bank.” The results were indubitably alarming.
Is that in the wild?
It’s tough to discern whether or not malicious cyber threats, produced with the aid of ChatGPT, are active in the wild. This is because, from a technical standpoint, it’s extremely difficult to confirm whether or not a specific malware was written using ChatGPT.
As ChatGPT comes into greater use, experts will likely refine techniques that can parse ChatGPT created code from ‘hand-crafted’ code.
Curious about ChatGPT? Get details here.
For more on this story, please see ZDNet’s coverage. Lastly, to receive cutting-edge cyber security news, exclusive interviews, high-minded expert analyses and leading security resources, please sign up for the CyberTalk.org newsletter.