ChatGPT for Malware: We Knew It Was Coming
- By CDOTrends editors
- January 24, 2023
After OpenAI released ChatGPT to the general public, it wasn't long before cybercriminals found ways to leverage the platform for their malicious purposes. Bypassing OpenAI's geographical controls, cybercriminals have been able to use ChatGPT to write malware and other malicious code.
Recently, Check Point Research (CPR) noticed a sudden rise in dark web activity associated with Russian cybercriminals using the platform, even in countries not supported by OpenAI.
Accessing ChatGPT allows Russian cybercriminals to produce malware and scripts for the dark web marketplace efficiently. Using ChatGPT, they can reduce the initial investment required to begin their cybercriminal activities and increase their ability to produce and test more sophisticated code.
Here's how they can accomplish this: To access ChatGPT, criminals must submit three essential details: an IP address, a phone number and a payment card. If they're after the premium version with API access, they must pay for it using their credit or debit card.
CPR noticed a cybercriminal seeking advice on gaining access to OpenAI's API. They expressed difficulty with buying access when using a Russian payment card and requested assistance in using a stolen payment card instead.
After investigating a Russian underground forum, CPR uncovered discussions about using ChatGPT to create malicious software and ways to evade OpenAI's territory restrictions. Individuals within the thread highlighted that for a small fee (approximately USD 0.09), one could utilize readily available SMS services to bypass OpenAI's phone verification system.
Finally, CPR encountered multiple tutorials in Russian that discussed semi-legal SMS text messaging services. These platforms would allow global access to ChatGPT by circumventing the restrictions imposed by OpenAI's verification process. This way, they could send and receive messages from any country with a phone number.
The combination of stolen payment cards, SMS services, and ChatGPT has enabled cybercriminals to access OpenAI’s platform and quickly, cheaply, and efficiently produce malicious scripts.
However, CPR also observed that those who accessed ChatGPT to produce their scripts had limited technical understanding and had only been able to create basic malicious tools. This indicates that there is still a significant skills gap between cybercriminals and those capable of producing sophisticated malicious programs.
"It’s still too early to decide whether or not ChatGPT capabilities will become the new favorite tool for participants in the Dark Web. However, the cybercriminal community has already shown significant interest and is jumping into this latest trend to generate malicious code. CPR will continue to track this activity throughout 2023," they added.