From now on throw The chatGPT AI bot has been tested on a wide range of tasks: it not only answers questions, but also writes technical articles, essays, poems and computer codes. As it turned out, the latter should be paid close attention, because this code can be harmful if the user sets such a task for artificial intelligence.
Image source: Moritz Erken / unsplash.com
Cybersecurity experts at Check Point Research have released report, which described how members of hacker forums use ChatGPT to write malicious code and phishing emails – some of these people have little or no programming experience. One of the above examples describes a Python script that, with some modifications, can be turned into ransomware that can encrypt data on a user’s computer. Another Python script created by ChatGPT searches for files of a certain type, for example PDF, on the local machine, compresses them and sends them to a potential attacker’s server – this is a standard information theft scenario.
In Java, the Neural Network has created code that performs a covert download of the PuTTY SSH and telnet client for subsequent launch of the PowerShell interface. In another example, a script written by ChatGPT was intended to launch an online trading platform where compromised accounts, bank card data, malware, and other virtual goods sold on the dark web are bought or traded. The script has been connected to a third-party interface to get up-to-date data on the quotes of the most popular cryptocurrencies to simplify the calculations.
The same researchers of Check Point Research have tried to use a neural network to simulate a hacker attack: the AI ”has not failed”. The bot kindly created a convincing phishing email for them, informing them that their account had been blocked by one of the hosts and prompting them to open the attached Excel file. After several attempts, ChatGPT also wrote a malicious VBA macro embedded in this file. But the specialized AI code generation system Codex turned out to be a much more powerful tool, with which the researchers received a whole set of malware: the Reverse Shell interface and scripts for scanning ports, detection of sandbox and compiling Python code into a Windows executable file.
If you notice an error, select it with the mouse and press CTRL + ENTER.
