Hackers are using ChatGPT to create sophisticated malware.
Recently, OpenAI (USA), a leading artificial intelligence research company, confirmed that hackers are exploiting its ChatGPT AI model to create malware and carry out cyberattacks.
A recent report has exposed the alarming reality of ChatGPT being exploited for cyberattacks. More than 20 incidents have been recorded since the beginning of 2024, in which hackers have used ChatGPT to carry out phishing attacks, steal data, and disrupt systems, causing significant damage to numerous organizations and individuals.
An OpenAI report has exposed an alarming reality: state-linked hacking groups, particularly from China and Iran, are leveraging ChatGPT's capabilities to enhance the effectiveness of their cyber operations. From refining sophisticated malware to creating malicious propaganda campaigns on social media, ChatGPT has become a powerful tool for large-scale cyberattacks.

In an alarming development, the Chinese hacking group 'SweetSpecter' has been discovered exploiting ChatGPT to carry out malicious activities. This group used ChatGPT to collect sensitive information, search for security vulnerabilities in systems, and develop new types of malware. They even boldly attacked OpenAI itself with phishing attacks, aiming to access and steal employee data.
Another serious threat comes from the Iranian hacking group 'CyberAv3ngers', closely linked to the Islamic Revolutionary Guard Corps. This group has exploited ChatGPT to search for vulnerabilities in the control systems of factories and critical infrastructure. Their goal is to create malicious code to attack and cripple these systems, causing serious consequences.
Additionally, another hacking group from Iran, known as 'STORM-0817', has also been discovered exploiting artificial intelligence to create malware for Android phones. This malware is capable of stealing users' personal information such as phone numbers, call history, and location.
Although hacker groups have experimented with using ChatGPT to create malware, OpenAI argues that this has not led to any breakthroughs in the field of cyberattacks. ChatGPT is merely a supporting tool, and creating effective cyberattacks still requires human expertise and experience.
The company asserts that what they observed when hackers used GPT-4 remained within the limits of their previously predicted capabilities. In other words, GPT-4 is not yet capable of creating more sophisticated and effective cyberattacks than other tools.
The report indicates that the development of generative AI is making it easier to become a hacker. Anyone, even those with little technological knowledge, can use AI to create cyberattack tools, thereby increasing their risk of being attacked.
To address these threats, OpenAI has implemented measures to prevent malicious activity, including banning accounts associated with identified activities. The company is also collaborating with industry partners and stakeholders to share threat intelligence and improve collective cybersecurity defenses.
Security experts are concerned that this situation will worsen as AI technology becomes increasingly intelligent. They argue that companies developing AI need robust safeguards and effective detection systems to prevent malicious actors from exploiting this technology for nefarious purposes.
The revelations from OpenAI serve as a wake-up call for the technology industry and policymakers to address the potential risks associated with advanced AI systems.
Today, AI is becoming increasingly prevalent in our lives. To fully leverage the benefits of AI while ensuring safety, we need to find a balance between developing new technologies and protecting personal information. This will help prevent malicious actors from exploiting AI to commit harmful acts.
OpenAI has committed to doing everything possible to prevent malicious actors from exploiting its AI tools for harmful purposes. The company will continue to seek out and eliminate such malicious activities, and share its experiences with other researchers to jointly build a more robust security system. OpenAI will also strengthen its defenses against attacks from professional hackers, especially those linked to governments.
In the future, AI will play a crucial role in our lives. However, to avoid potential risks, AI developers, cybersecurity experts, and governments need to collaborate closely. They need to work together to find ways to develop AI safely and securely, while preventing malicious actors from exploiting AI for harm.


