Despite the presence of safeguards in ChatGPT4, some restrictions can be easily circumvented, enabling threat actors to achieve their objectives without much hindrance. CPR warns of ChatGPT4’s potential to accelerate cybercrime execution and will continue its analysis of the platform in the following days.
Check Point Research (CPR) has taken an initial look into ChatGPT4 and finds various scenarios that allow threat actors to streamline malicious efforts and preparations, resulting in quicker and more precise outcomes to accelerate cybercrime.
In certain instances, these scenarios empower non-technical individuals to create harmful tools, as if the process of coding, constructing, and packaging is a simple recipe.
CPR is sharing five scenarios of potentially malicious use of ChatGPT4.
- C++ Malware that collects PDF files and sends them to FTP
- Phishing: Impersonation of a bank
- Phishing: Emails to employees
- PHP Reverse Shell
- Java program that downloads and executes putty that can launch as a hidden powershell
Oded Vanunu, Head of Products Vulnerabilities Research at Check Point Software shares “After finding several ways in which ChatGPT can be used by hackers, and actual cases where it was, we spent the last 24 hours to see whether anything changed with the newest version of ChatGPT. While the new platform clearly improved on many levels, we can, however, report that there are potential scenarios where bad actors can accelerate cybercrime in ChatGPT4. ChatGPT4 can empower bad actors, even non-technical ones, with the tools to speed up and validate their activity. Bad actors can also use ChatGPT4’s quick responses to overcome technical challenges in developing malware. What we’re seeing is that ChatGPT4 can serve both good and bad actors. Good actors can use ChatGPT to craft and stitch code that is useful to society; but simultaneously, bad actors can use this AI technology for rapid execution of cybercrime. As AI plays a significant and growing role in cyber attacks and defense, we expect this platform to be used by hackers as well, and we will spend the following days to better understand how.”
Deep-dive into 5 Scenarios
Scenario 1: C++ Malware that collects PDF files and sends them to FTP (address 1.1.1.1)