Just a month after the release of the AI-powered chatbot ChatGPT, cyber miscreants are claiming to have used the application to create new weapons.
Check Point Software researchers say conversations on several major underground hacking communities show many cyber criminals who have no development skills are using ChatGPT to build basic tools.
“It is only a matter of time until more sophisticated threat actors use AI-based tools for evil,” the researchers said.
ChatGPT is known as a query tool that is trained to determine what humans mean when they ask a question and respond accordingly. Experts point out that threat actors can use this to create new malware and reverse-engineer security applications.
Examples of ChatGPT-related actions of threat actors discovered by Check Point include:
– A December 29 thread from a person who shared the code of a Python-based information stealer that searches an infected computer for common file types, copies them to a random folder inside the Temp folder, zips them and uploads them to a hardcoded FTP server;
Check Point analyzed the published code and confirmed the cybercriminal’s claims. “It is worth noting that the actor did not bother to encrypt or securely send the files, so the files may have also ended up in the hands of third parties,” the researchers said;
– A second script made by the same person using ChatGPT, a simple Java snippet that downloads PuTTY, a very common SSH and Telnet client, and runs it surreptitiously on the system using PowerShell. This script can be modified to download and run any program, including common malware families.
The researchers say this person’s post is intended to show less technically competent cybercriminals how to use ChatGPT for malicious purposes, with real examples they can use immediately.
– A December 21 post by a threat actor dubbed USDOD, who claimed that the included Python script was the first one he had created. Check Point researchers describe it as “a hodgepodge of different signing, encryption and decryption functions”.
At first glance, the researchers said, the script looks benign, but it implements a variety of different tasks, including generating cryptographic keys, which are used in signing files, and encrypting files on the system with a hard-coded password, using the Blowfish and Twofish algorithms concurrently in hybrid mode. These functions allow the user to encrypt all files in a specific directory or a list of files;
– A thread dated December 31 where a cyber criminal shows how easy it is to create a dark web marketplace using ChatGPT. The author showed a piece of code that uses third-party APIs to get updated cryptocurrency (Monero, Bitcoin, and Ethereum) prices as part of a dark web market payment system;
– This month, several threat actors began discussions in additional underground forums focused on how to use ChatGPT for fraudulent schemes, the report said. Most focus on generating random art with OpenAI technology, DALL-E 2, and selling it online using legitimate platforms like Etsy. In another example, the threat actor explains how to create an e-book or short chapter on a specific topic – using ChatGPT – and how to sell this content online.
“It is still too early to determine whether ChatGPT capabilities will become the new tool of choice for participants in the dark web,” Check Point acknowledged. “However, the cybercriminal community has already shown significant interest and is jumping on this latest trend to generate malicious code.”