Since the roll out of Open AI’s publicly accessible ChatGPT (Generative Pre-training Transformer) on November 30, 2022, ChatGPT has been subject to widespread attention both in the Clearnet and “DarkWeb”. ChatGPT is based on the GPT architecture and was first released in 2019. Since then, it has undergone several updates and major changes.
The GPT model was trained on a large corpus of text data and is capable of understanding and responding to a wide range of topics and prompts. This makes it highly versatile and well-suited for a variety of natural language processing (NLP) tasks, including question answering, language translation, text summation, and even creative writing. One of the key strengths of ChatGPT is its ability to generate highly coherent and contextually appropriate text, which is why it is often used in applications such as chatbots, virtual assistants, and automated writing. Among the proposed benefits of ChatGPT include the automation of engineering tasks, software development, applications for data science and analytics, and more.
ChatGPT has been verified by many experts that the technology could be used to write phishing emails or even social engineer techniques such as business email compromise (BEC), romance scams, sextortion, honeytrapping, and customer service impersonation. Experts have even debated if ChatGPT could be used in nefarious and malicious ways to include developing malware. Utilizing existing malware source code and theoretically write varied infostealers, RATs, crypters, cryptocurrency clippers and drainers, in different coding languages such as Java and Golang.. There are current protections inside ChatGPT in order to prevent the use of the technology for nefarious purposes and flag potential malicious behavior, which if flagged the request will not execute. Some experts have been able to successfully subvert the protection protocols by means of adjusting syntactical workarounds.
Some experts have argued that the use of ChatGPT should be banned in places such as schools due to its potential for enabling plagiarism and systemic cheating on homework, writing assignments, and take-home exams. A student from Princeton University has developed an application(GPTZero) that has been able to determine if an essay was ChatGPT or human produced. Some experts believe that its open registration policy also makes it easily accessible for threat actors interested in developing malware, gaining unauthorized access to networks, or coordinating convincing phishing campaigns. Cybercriminals have quickly caught on to this functionality of ChatGPT, monetizing fraudulent freelance work that uses ChatGPT to automate contracted tasks. Threat actors also claim to have written e-books with ChatGPT, which they have allegedly listed for sale under false pen names on popular marketplaces. With the rise of ChatGPT in popularity on “DarkWeb” and special-access forums also comes an influx of threat actors asking to register untraceable, unattributed, or fraudulent accounts with OpenAI that violate the ChatGPT community standards. Threat actors have realized that, due to the enthusiasm surrounding ChatGPT and its potential for abuse, there is financial opportunity in marketing ChatGPT malware, templates, tutorials, and other “black hat” content for sale in order to scam unsuspecting “script kiddies” who might not be able to tell the difference between useful and useless code.
Multiple Threat Intelligence articles have been written of threat actors and cybercriminals’ ability to use the technology to conduct malicious and nefarious activity, yet some experts have also been looking to utilize the technology to use in more cybersecurity blue team fashion. Some research is still being conducted on the topic of using ChatGPT to automate tasks in GRC, automation of threat intelligence collection and modeling, identifying patterns in malware, and more. Whether being used for benevolent or malicious purposes, ChatGPT and other Artificial Intelligence solutions have become the new normal and will inevitably become more advanced as the technology improves.
This article has been human generated.
Knowledge is certainly power, and it can help you overcome any fear of the unexpected. This is also true in the world of cybersecurity where the ability know and understand more about the activities of threat actors strengthens organizations to do more about the dangers and risks organizations and its personnel face.
At RSM Defense, we leverage the power of our vast RSM network of clients to enhance visibility into your organizations threat landscape and provide tactical context around threats to your organization regardless of industry or location. This makes RSM Defense’s array of threat intelligence services uniquely intelligent and enables our clients to be proactive rather than reactive. RSM Defense has decades of experience in global cyber defense operations, specifically specializing in cyber threat intelligence collections and reporting.
Unmatched in dark web intelligence, our RSM Defense team continuously aggregates sophisticated techniques, tactics and procedures of known threat actors. RSM Defense utilizes technology that continuously monitors the dark web landscape of victim notifications posted on threat actor sites for clients and their third-party affiliates. RSM Defense delivers comprehensive and holistic threat management services that include but not limited to credential exposure monitoring to help prevent digital extortion attacks, dynamic malware analysis services, as well as continuous stream of customized threat intelligence reporting and mitigation recommendations that will help reduce your organizations overall attack surface to vulnerability intelligence to executive personnel monitoring to third party risk and supply chain intelligence services. We strive to assist clients in avoiding costly insurance liability payments, digital extortion attacks, as well as protection of brand, assets, and networks against security breaches.
If you or your client wishes to receive additional information pertaining to RSM Defense’s wide array of threat intelligence services and technologies to protect you or your clients’ assets, brand reputation, and financial interests, please reach out to your RSM representative for more information.