Wednesday , October 16 2024
OpenAI

Hackers using ChatGPT create malware, OpenAI confirm

infosecbulletin 3 days ago Cyber Attack

OpenAI has neutralized over 20 malicious cyber operations using its AI chatbot, ChatGPT, for creating malware, spreading misinformation, avoiding detection, and spear-phishing.

The report confirms that since the start of the year, generative AI tools are being used to improve offensive cyber operations. OpenAI’s latest report reveals that Chinese and Iranian threat actors are misusing ChatGPT to improve their operations.

Shadowserver's data
87000+ Fortinet devices still open to attack?

By infosecbulletin / Tuesday , October 15 2024
On Sunday, the Shadowserver Foundation revealed that over 87,000 internet-facing Fortinet devices may still be at risk due to (CVE-2024-23113)...
Read More
Shadowserver's data 87000+ Fortinet devices still open to attack?

Gmail Scam Alert
Billions of Gmail users at risk from sophisticated new AI hack

By infosecbulletin / Monday , October 14 2024
A new sophisticated scam is targeting Gmail users, using artificial intelligence to manipulate them into giving away account access. This...
Read More
Gmail Scam Alert Billions of Gmail users at risk from sophisticated new AI hack

RansomHub Targets Bangladeshi Confidence Group

By infosecbulletin / Monday , October 14 2024
RansomHub targets Bangladeshi Confidence group of companies limited. The rapidly growing RansomHub ransomware group set time to release the data....
Read More
RansomHub Targets Bangladeshi Confidence Group

Hackers using ChatGPT create malware, OpenAI confirm

By infosecbulletin / Sunday , October 13 2024
OpenAI has neutralized over 20 malicious cyber operations using its AI chatbot, ChatGPT, for creating malware, spreading misinformation, avoiding detection,...
Read More
Hackers using ChatGPT create malware, OpenAI confirm

TrackMan exposes nearly 32 Million Records

By infosecbulletin / Saturday , October 12 2024
Nearly 32 million records and about 110 TB of data from Trackman users were left exposed online. This database included...
Read More
TrackMan exposes nearly 32 Million Records

CISA WARNS
CISA Warns of F5 BIG-IP Cookie Exploitation for Network Reconnaissance

By infosecbulletin / Friday , October 11 2024
CISA has issued a warning about a vulnerability in unencrypted persistent cookies in the F5 BIG-IP Local Traffic Manager (LTM)...
Read More
CISA WARNS CISA Warns of F5 BIG-IP Cookie Exploitation for Network Reconnaissance

CVE-2024-9164: GitLab Users Urged to Update Now

By infosecbulletin / Friday , October 11 2024
GitLab, a premier platform for DevOps and continuous integration/continuous delivery has rolled out essential security updates in versions 17.4.2, 17.3.5...
Read More
CVE-2024-9164: GitLab Users Urged to Update Now

CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Patches

By infosecbulletin / Thursday , October 10 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its...
Read More
CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Patches

Palo Alto Networks issues fix for security flaws, Including CVE-2024-9463

By infosecbulletin / Thursday , October 10 2024
Palo Alto Networks released a security advisory (PAN-SA-2024-0010) about several high-severity vulnerabilities in its Expedition migration tool, with CVSS scores...
Read More
Palo Alto Networks issues fix for security flaws, Including CVE-2024-9463

Microsoft October 2024 Patch: 5 Zero-Days, 118 flaw

By infosecbulletin / Wednesday , October 9 2024
In its recent Patch Tuesday release, Microsoft fixed 118 vulnerabilities, including five zero-day flaws, two of which are currently being...
Read More
Microsoft October 2024 Patch: 5 Zero-Days, 118 flaw

A Chinese threat group named “SweetSpecter” tried to use ChatGPT for research and malware creation. They also attempted spear-phishing attacks on OpenAI employees. Opening the attachments initiated an infection that installed the SugarGh0st RAT on the victim’s system.

The Iranian group “CyberAv3ngers,” linked to the Islamic Revolutionary Guard Corps, posed a serious threat by using ChatGPT to find weaknesses in industrial control systems and create attack scripts for critical infrastructure.

OpenAI reports that a threat group requested ChatGPT to generate default credentials for popular Programmable Logic Controllers (PLCs), create custom bash and Python scripts, and obfuscate code.

Iranian hackers used ChatGPT to plan their actions after compromising systems, learn to exploit vulnerabilities, and decide how to steal user passwords on macOS.

The third case in OpenAI’s report focuses on Storm-0817, a group of Iranian threat actors. The group allegedly used ChatGPT for various tasks, including debugging malware, creating an Instagram scraper, translating LinkedIn profiles into Persian, and developing custom Android malware with the necessary command and control infrastructure.

Malware developed using OpenAI’s chatbot can steal contact lists, call logs, files, take screenshots, access browsing history, and determine the user’s location.

“In parallel, STORM-0817 used ChatGPT to support the development of server side code necessary to handle connections from compromised devices,” reads the Open AI report.

Check Also

ransomware

Prince Ransomware Hits UK and US

A new ransomware campaign is targeting individuals and organizations in the UK and US. The …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2024, All Rights Reserved InfoSecBulletin