ChatGPT continues to make headlines, but this time for the wrong reasons, experts warn.
Cybersecurity researchers at Check Point Research (CPR) have observed that cybercriminals use the tool to enhance, and sometimes create from scratch, dangerous malware. (opens in a new tab) and ransomware.
The team published the results of its investigation and said it detected numerous posts on underground hacking forums in which cybercriminals discuss creating information stealers, encryption tools and other malware, with the help of ChatGPT. To make matters worse, some of the authors appear to be completely new to programming, indicating that the tool could be used to drastically lower the barrier to entry for cybercrime.
In addition to creating malware and ransomware, cybercriminals are also using the AI-powered chatbot to create supporting software. One hacker described using the tool to create a marketplace, where other hackers can trade illegal and stolen goods, such as payment details, malware, but also drugs and firearms. All payments made on the platform would be made in cryptocurrencies.
“Cybercriminals find ChatGPT attractive. In recent weeks, we have seen evidence that hackers are beginning to use it to write malicious code,” said Sergey Shykevich, Manager of the Threat Intelligence Group at Check Point.
“ChatGPT has the potential to speed up the process for hackers by giving them a good starting point. Just as ChatGPT can be used to help developers write code, it can also be used for malicious purposes. Although the tools we discuss in this report are fairly basic, it’s only a matter of time until more sophisticated threat actors improve the way they use AI-based tools. CPR will continue to investigate cybercrime related to ChatGPT in the coming weeks.”
ChatGPT is a newly released AI-powered chatbot by OpenAI. Since it went public, the quality of the tool has attracted a lot of attention, but it has also generated some fear. The media have gone so far as to discuss whether tools like ChatGPT could spell the end of Google and other mainstream tech giants, or could put most software developers out of a job.