Cyber Threat Actors Are Using ChatGPT to Code Deployable Malware

  • Written by Ari Denial Cybersecurity & Tech Writer

Hackers are using ChatGPT, the brainchild of OpenAI, to write malicious code and deploy malware.

According to reports, less experienced cybercriminals are using ChatGPT to easily create malware strains that can be used for different cybercrimes. Hackers are also using this open-source AI app to create dark websites, steal personal files, obtain bank account credentials, and prepare other fraudulent schemes.

ChatGPT provides step-by-step instructions for hackers to replicate malware and ransomware strains. In a recent experiment, cybersecurity researchers ethically hacked a website in under 45 minutes using a hacking script generated with ChatGPT.

“Just as it can be used for good to assist developers in writing code for good, it can (and already has) been used for malicious purposes,” said Matt Psencik, the Director of Endpoint Security Specialist at Tanium.

“A couple of examples I’ve already seen are asking the bot to create convincing phishing emails or assist in reverse engineering code to find zero-day exploits that could be used maliciously instead of reporting them to a vendor,” he added.

Hackers are exploiting ChatGPT to create malicious scripts for committing cybercrimes. The files are then sold and shared on the dark web and other underground community forums.

When reporters asked ChatGPT personnel for clarification, they said: “Threat actors may use artificial intelligence and machine learning to carry out their malicious activities. OpenAI is not responsible for any abuse of its technology by third parties.”

“While we’ve made efforts to make the model refuse inappropriate requests, it will sometimes respond to harmful instructions or exhibit biased behavior. We’re using the Moderation API to warn or block certain types of unsafe content, but we expect it to have some false negatives and positives for now. We’re eager to collect user feedback to aid our ongoing work to improve this system,” they added.

Social Commerce Website Trustanduse Exposed Half A Million Users

  • Written by Ari Denial Cybersecurity & Tech Writer

Data of around 439,000 users, including many businesses, was exposed due to security loopholes on the social media marketplace trustanduse.com.

The 855GB Trustanduse database was unintentionally leaked on June 21 and kept exposing users’ personal and professional information for at least six months. Around 439,000 users’ sensitive data was leaked, including usernames, full names, encrypted hashed passwords, phone numbers, and Facebook IDs.

Trustanduse.com is a consumer review platform based in Athens and was founded in 2016. Consumers use this platform to rate products, services, businesses, and stores. The website was also renowned for providing offers and discounts on products.

According to the researchers, “Credential stuffing attacks, when perpetrators use stolen account credentials to gain unauthorized access to user accounts on other systems, are unlikely. However, threat actors could use the data for spam and spear-phishing campaigns, most often in the form of con emails that try to dupe the victim into parting with money or further valuable information.”

The data held within the database indicated that Trustanduse had an ongoing association with a Greek supermarket chain, Galaxias. They shared their supplier information, such as receipts, discounts, and special access to their website for the supermarket employees. As there was no effective authorization in place, experts were able to analyze the Application Programming Interface (API) and sandbox settings seemingly developed by trustanduse.com, although this is not specified on their website.

“The trustanduse.com site might not operate anymore, at least judging from the fact that it appears to have fallen silent on social media channels. However, the discovered database was actively updated, so the data could still be used for future projects, sold to third parties, or exploited by threat actors,” researchers said.

Cybernews researchers suggest everyone who has an account with Trustanduse take precautions such as:

  • Changing usernames and passwords
  • Inspecting any new emails to prevent phishing attacks
  • Sharing as little personal information as possible on Facebook
  • Ignoring text messages and phone calls from unknown numbers