Accelerated cybercrime with ChatGPT4

B2B Cyber ​​Security ShortNews

Share post

Security researchers reveal various scenarios that allow hackers to improve their malicious efforts and preparations, resulting in faster and more accurate results.

In some cases, even non-technical actors can create malicious tools. Scenarios presented include bank impersonation, reverse shells, C++ malware, and more. CPR warns about ChatGPT4's potential to accelerate cybercrime execution and will continue its analysis of the platform in the coming days.

Malicious use of ChatGPT4

  • 1) C++ malware that collects PDF files and sends them to FTP.
  • 2) Phishing: Misuse of bank identities.
  • 3) Phishing: Emails to employees.
  • 4) PHP reverse shell.
  • 5) Java program that downloads and runs putty, which can be started as a hidden powershell.

ChatGPT4 is changing the threat landscape

The essence of cyber warfare is to develop cyber weapons to exploit vulnerabilities. With ChatGPT4, weapon development challenges are drastically reduced and the ability to conduct cyber attacks is accelerated. This will increase the number of cyber attacks in general because the time it takes to build, test, and run malicious tools will decrease significantly. CPR has observed cases where even non-technical people have created malicious tools since the process of coding, compiling, and packaging the code has been simplified by using ChatGPT.

Fast execution of attacks

Mr. Oded Vanunu, Head of Products Vulnerabilities Research at Check Point, on the security analysis: "After finding several ways ChatGPT could be used by hackers, and also cases where this actually happened, we spent 24 hours to check if anything has changed in the new version of ChatGPT. Although the new platform has clearly been improved on many levels, we can still report that there are scenarios where the hacking attacks can be accelerated with ChatGPT4. ChatGPT4 can provide malicious actors, even those with no technical knowledge, with tools to speed up and validate their activities.

The criminals can even use ChatGPT4's quick replies to overcome technical challenges in developing malware. We see that ChatGPT4 can serve both good and bad users. Good users can use ChatGPT to develop and program code useful to society. At the same time, hackers can also abuse this AI technology to carry out attacks quickly. With AI playing a significant and growing role in cyber attacks and defenses, we anticipate that this platform will be used by hackers. We will spend the next few days better understanding how.”

More at Checkpoint.com

 


About check point

Check Point Software Technologies GmbH (www.checkpoint.com/de) is a leading provider of cybersecurity solutions for public administrations and companies worldwide. The solutions protect customers from cyberattacks with an industry leading detection rate for malware, ransomware and other types of attacks. Check Point offers a multi-level security architecture that protects company information in cloud environments, networks and on mobile devices, as well as the most comprehensive and intuitive “one point of control” security management system. Check Point protects over 100.000 businesses of all sizes.


 

Matching articles on the topic

Companies spend 10 billion euros on cybersecurity

Germany is arming itself against cyber attacks and is investing more than ever in IT and cyber security. In the current year the ➡ Read more

Qakbot remains dangerous

Sophos X-Ops has discovered and analyzed a new variant of the Qakbot malware. These cases first appeared in mid-December and they ➡ Read more

VexTrio: most malicious DNS threat actor identified

A DNS management and security provider has exposed and blocked VexTrio, a complex criminal affiliate program. This increases cybersecurity. ➡ Read more

A comeback from Lockbit is likely

It is fundamentally important for Lockbit to be visible again quickly. Victims are presumably less willing to pay as long as there are rumors ➡ Read more

LockBit is alive

A few days ago, international law enforcement authorities scored a decisive blow against Lockbit. According to a comment from Chester Wisniewski, Director, Global ➡ Read more

Cyber ​​danger Raspberry Robin

A leading provider of an AI-powered, cloud-delivered cybersecurity platform warns about Raspberry Robin. The malware was first released in the year ➡ Read more

New scam Deep Fake Boss

Unlike classic scams such as the email-based boss scam, the Deep Fake Boss method uses high-tech manipulation ➡ Read more

Classification of the LockBit breakup

European and American law enforcement authorities have managed to arrest two members of the notorious LockBit group. This important strike against the ransomware group ➡ Read more