OpenAI reveals ChatGPT use by CyberAv3ngers, Android malware developers
OpenAI has disrupted more than 20 adverse operations leveraging its ChatGPT service for tasks including malware debugging, target reconnaissance, vulnerability research and generation of content for influence operations, the company revealed in a report published Wednesday.
The generative AI (GenAI) company also uncovered a spear-phishing campaign targeting its own employees, conducted by a threat actor that additionally used ChatGPT for various tasks. Several case studies of threat actors found to be using ChatGPT are outlined in the report, along with lists of tactics, techniques and procedures (TTPs) and indicators of compromise (IoCs) for some of the attackers.
Overall, OpenAI reported that the use of ChatGPT by cyber threat actors remained limited to tasks that could alternatively be performed using search engines or other publicly available tools, and that few of the election-related influence operations leveraging ChatGPT scored higher than Category Two on the Brookings Institution’s Breakout Scale.
“Threat actors continue to evolve and experiment with our models, but we have not seen evidence of this leading to meaningful breakthroughs in their ability to create substantially new malware or build viral audiences,” the report states.
/cdn.vox-cdn.com/uploads/chorus_asset/file/25670725/LYNKCO_02_Exterior_04_Hires_D8d8a9.jpg)
/cdn.vox-cdn.com/uploads/chorus_asset/file/25283724/STK048_XBOX_C.jpg)
