EXECUTIVE SUMMARY:

Since its November debut on the world stage, the popular AI-powered chatbot, ChatGPT, has continuously attracted cyber criminal attention. Although OpenAI, has developed security measures to prevent product misuse, these measures have not curtailed hacker pursuits.

According to Check Point researchers, some cyber criminals are selling tools that enable other cyber criminals to bypass ChatGPT’s safety restrictions and that can facilitate malware creation. The tools cost less than a cup of coffee and a croissant. Others hackers have created a special publicly available script that enables nearly anyone to circumvent ChatGPT controls.

In this article, we’ll explore the state of ChatGPT hacks, the latest on ChatGPT malware, and so much more. Leverage these insights to assess how ChatGPT-related cyber schemes could affect your organization.

The latest on ChatGPT-themed malware

A new report published by Meta denotes a sharp increase in ChatGPT-themed malware. Since March of this year, Meta researchers have discovered ten malware families using ChatGPT and related themes to compromise accounts.

Says Meta, scams often involve mobile apps or browser extensions mimicking ChatGPT tools. In some cases, the fake tools do actually offer some ChatGPT functionality. However, their real intent is to steal users’ account credentials.

The scammers behind these exploits are capitalizing on the robust interest in AI, ChatGPT and chatbots. From a bad actor’s perspective, ChatGPT is the new crypto, expressed Meta’s Chief Security Officer, Guy Rosen.

More on malware

According to a Check Point report, ChatGPT is being actively used to create malware — including infostealers for Microsoft Office documents, PDFs and images-based targeting, and Python scripts that perform cryptographic operations (a.k.a encryption tools), — to develop dark web marketplaces and to push other fraud attempts.

Although the strength and functionality of the malware that’s created via ChatGPT is debatable, the prospect that ChatGPT could improve its capabilities, and thereby assist with the generation of even more potent malware, represents a real concern.

The latest on ChatGPT crypto scams

Cyber security researchers have also observed cyber criminals exploiting the growing popularity of OpenAI for crypto fraud scam purposes. For example, cyber criminals have repurposed the ChatGPT logo and borrowed Elon Musk’s name to lure victims into crypto giveaway events.

Insights into ChatGPT phishing and fraud

Cyber criminals are also leveraging ChatGPT to create increasingly sophisticated phishing emails, to perpetuate fraud schemes, and to make existing scams more dangerous than before.  In the U.S., the Federal Trade Commission has warned that ChatGPT could be used to “turbocharge” fraud.

See our past ChatGPT coverage

For more on this story, please click here. Lastly, to receive more cutting-edge cyber security news, best practices, expert interviews and high-level analyses, please sign up for the weekly CyberTalk.org newsletter.