Associated Incidents
In the last month or so, AI tool ChatGPT has become quite the talk of tech town. ChatGPT can be used to answer questions, write reports, and even software codes. And now it seems like cybercriminals are using for malicious activities. According to cybersecurity research firm, ChatGPT was used by bad actors to develop malicious tools. In underground hacking forums, threat actors are creating infostealers, encryption tools and facilitating fraud activity. Checkpoint Research shared three instances of cybercriminals using ChatGPT.
For creating info stealers
According to Checkpoint Research, on December 29, 2022, a thread named "ChatGPT - Benefits of Malware" appeared on a popular underground hacking forum. The publisher of the thread disclosed that he was experimenting with ChatGPT to recreate malware strains and techniques described in research publications and write-ups about common malware. These posts, according to Checkpoint Research, seemed to be demonstrating less technically capable cybercriminals how to utilise ChatGPT for malicious purposes, with real examples they can immediately use.
For creating multi-layered encryption tools
Similarly, on December 21, 2022, a threat actor dubbed USDoD posted a Python script, which he emphasised was the 'first script he ever created'. When another cybercriminal commented that the style of the code resembles openAI code, USDoD confirmed that the OpenAI gave him a "nice [helping] hand to finish the script with a nice scope." "This could mean that potential cybercriminals who have little to no development skills at all, could leverage ChatGPT to develop malicious tools and become a fully-fledged cybercriminal with technical capabilities," said Checkpoint Research.
Using ChatGPT for fraud
According to Checkpoint Research, a cybercriminal showed how to create a Dark Web marketplace scripts using ChatGPT. The marketplace's main role in the underground illicit economy is to provide a platform for the automated trade of illegal or stolen goods like stolen accounts or payment cards, malware, or even drugs and ammunition, with all payments in cryptocurrencies.
Sergey Shykevich, Threat Intelligence Group Manager at Check Point, said, "Cybercriminals are finding ChatGPT attractive. In recent weeks, we're seeing evidence of hackers starting to use it to write malicious code. ChatGPT has the potential to speed up the process for hackers by giving them a good starting point. Just as ChatGPT can be used for good to assist developers in writing code, it can also be used for malicious purposes."