OpenAI has recently warned that ChatGPT is being misused for developing and spreading malware, according to a new report. This includes activities such as debugging malware, developing Android malware, and writing scripts for attacks on critical infrastructure. The report outlines how various groups are using ChatGPT for carrying out attacks, including malware development, influence campaigns, and the creation of fake social media accounts.
OpenAI highlights that attackers primarily use their models for tasks in an intermediary phase of criminal activity—after they’ve obtained basic tools like internet access, email addresses, and social media accounts, but before distributing completed products like malware or social media posts through various channels.
However, according to the report, ChatGPT has not led to breakthroughs in creating new malware or going viral with specific content. OpenAI also disclosed that it has been a target of attacks itself. Personal and business email addresses of OpenAI employees were targeted in spearphishing campaigns, although these attacks were unsuccessful.
Recent Developments:
In September 2024, security researchers raised further alarms that AI models like ChatGPT are increasingly being used by cybercriminals. A recent spike in attacks using ChatGPT to draft sophisticated phishing emails was observed, making it harder for traditional security software to detect. This has led to stricter regulations in some countries, where governments are working on laws to curb the use of AI in cybercrime.
Additionally, OpenAI announced new security layers added to its AI models to further prevent misuse. These measures include improved detection algorithms that can quickly identify and block suspicious activities, such as writing malicious code or supporting phishing attacks.
