Artificial intelligence (AI)-driven ChatGPT, which gives human-like answers to questions, is also being used by cybercriminals to develop malicious tools that can steal your data, a report has warned.

The first such instances of cybercriminals using ChatGPT to write malicious codes have been spotted by Check Point Research (CPR) researchers.

In underground hacking forums, threat actors are creating “info stealers”, and encryption tools and facilitating fraud activity.

The researchers warned of the fast-growing interest in ChatGPT by cybercriminals to scale and teach the malicious activity.

“Cybercriminals are finding ChatGPT attractive. In recent weeks, we’re seeing evidence of hackers starting to use it to write malicious code. ChatGPT has the potential to speed up the process for hackers by giving them a good starting point,” said Sergey Shykevich, Threat Intelligence Group Manager at Check Point.

Just as ChatGPT can be used for good to assist developers in writing code, it can also be used for malicious purposes.

On December 29, a thread named “ChatGPT – Benefits of Malware” appeared on a popular underground hacking forum.

Buy Me A Coffee

The publisher of the thread disclosed that he was experimenting with ChatGPT to recreate malware strains and techniques described in research publications and write-ups about common malware.

“While this individual could be a tech-oriented threat actor, these posts seemed to be demonstrating less technically capable cybercriminals how to utilize ChatGPT for malicious purposes, with real examples they can immediately use,” the report mentioned.

READ
CERT-In Finds Multiple Vulnerabilities in Cisco Products, Advises Users to Update

On December 21, a threat actor posted a Python script, which he emphasized was the first script he ever created.

When another cybercriminal commented that the style of the code resembles OpenAI code, the hacker confirmed that OpenAI gave him a “nice (helping) hand to finish the script with a nice scope.”

This could mean that potential cybercriminals who have little to no development skills at all, could leverage ChatGPT to develop malicious tools and become a fully-fledged cybercriminals with technical capabilities, the report warned.

“Although the tools that we analyze are pretty basic, it’s only a matter of time until more sophisticated threat actors enhance the way they use AI-based tools,” Shykevich said.

OpenAI, the developer behind ChatGPT, is reportedly trying to raise capital at a valuation of almost $30 billion.

Microsoft acquired OpenAI for $1 billion and is now pushing ChatGPT applications for solving real-life problems.