Cybercrime with ChatGPT

Cybercrime with ChatGPT

Share post

With every improvement in ChatGPT, there is growing concern that it could be misused on a large scale, particularly by cybercrime, and that it would greatly increase the online threat situation.

The past has shown that technological innovations have always been misused by cybercriminals. This certainly also applies to ChatGPT. All sorts of new uses are being devised for this conversational AI. The writing of applications or articles as well as the use as a search engine. In the latest version even to create images. This has certainly not escaped the notice of the cybercriminals. And the fact that ChatGPT is free and has unlimited usage makes it particularly attractive to cybercriminals.

ChatGPT as the author of phishing emails

With the general availability of ChatGPT, concerns about phishing attacks have increased. However, as of this writing and based on current capabilities, the concerns are overblown for a number of reasons. Many socially engineered emails aren't designed to be "perfect" — they're intentionally poorly written to make people more likely to open them. The email body is only part of the attack anyway. Headers, senders, attachments, and URLs are among the many elements that good anti-phishing solutions analyze. And with a convincing content and the best possible formatting of these elements, it is not enough. The cyber criminals need access to much more information to be successful. They need to know who is paying what, when, to whom, and they probably already have access to that information in some other way. They don't necessarily need ChatGPT if, as is often the case, they already have access to the victim's inbox and can just copy an old email.

ChatGPT as a developer of malware

Malware written by ChatGPT does its job no better than human-written ones, which is to bypass an Endpoint Detection and Response (EDR) system and infect a machine more effectively than other toolkits that already exist. On the one hand, a hacker needs something that works time and time again, and there's no evidence that ChatGPT can create that any better than humans. Hackers, on the other hand, need to constantly change certain elements, which ChatGPT is unable to do. Attackers have to change their infrastructure, register domains and move objects because their attempted attacks are constantly detected and destroyed by cybersecurity professionals. Also, malware operators not only have to distribute their malware, but also sell access to it. ChatGPT does not help to automate important parts of this process. It is therefore unlikely that its use will take off to any significant extent unless it surpasses the capabilities of the existing tools, all of which have been developed for this purpose for many years and can do different things than a chatbot. That's not to say it won't be just as good; ChatGPT is clearly making rapid progress, but it's still far from surpassing cybercriminals' existing tools.

Russian hackers

Even if Russian cybercriminals were to use ChatGPT, it would not give them a significant advantage because it certainly cannot replace all the tools and infrastructure that have been developed over decades to write Windows malware. Attackers may use ChatGPT to improve their email grammar or perform longer social engineering attacks, but the nature of the phishing attacks will likely remain the same. Good anti-phishing solutions will continue to detect these threats.

Preliminary all-clear

Certainly, cyber criminals of all persuasions will use ChatGPT to make their job as easy as possible. For the reasons mentioned, however, it is currently not foreseeable that the use of this AI will give new cyber attacks a higher quality. It is not yet the time to sound the alarm.

More at Proofpoint.com

 


About Proofpoint

Proofpoint, Inc. is a leading cybersecurity company. The focus for Proofpoint is the protection of employees. Because these mean the greatest capital for a company, but also the greatest risk. With an integrated suite of cloud-based cybersecurity solutions, Proofpoint helps organizations around the world stop targeted threats, protect their data, and educate enterprise IT users about the risks of cyberattacks.


 

Matching articles on the topic

Cyber ​​danger: HTML smuggling

With HTML smuggling, the malicious file is first created on the user's computer. That's why traditional anti-malware programs and sandboxes detect it ➡ Read more

Prevent malicious software from starting

A cyber protection provider has added a new feature to its security platform. It improves cybersecurity by preventing the launch of malicious or ➡ Read more

I-Soon: China's state-run foreign hackers exposed 

Internally, it is certainly the biggest betrayal of China: an employee of the I-Soon company revealed data and services ➡ Read more

Pikabot: camouflage and deceive

Pikabot is a sophisticated and modular backdoor Trojan that first appeared in early 2023. His most notable quality lies in ability ➡ Read more

LockBit is alive

A few days ago, international law enforcement authorities scored a decisive blow against Lockbit. According to a comment from Chester Wisniewski, Director, Global ➡ Read more

Growing threats over the last year

In 2023, threats have increased significantly. Attacks via encrypted channels have increased by 24 percent. The manufacturing industry is back on track ➡ Read more

Cyber ​​danger Raspberry Robin

A leading provider of an AI-powered, cloud-delivered cybersecurity platform warns about Raspberry Robin. The malware was first released in the year ➡ Read more

Data protection: trends in 2024

What challenges could companies face in the area of ​​data protection this year? And how can you relate to that? ➡ Read more