<- Back to all blog posts

Real-world Examples of ChatGPT used by Cyber-attackers

January 30, 2023

Are you searching for a way to enhance your organization's security awareness training? Look no further than Haekka! Schedule a demo with us to discover how we can help you reduce costs by 75% while boosting employee satisfaction with our training by 81%.
Schedule a demo

OpenAI released ChatGPT, a new interface for its Large Language Model (LLM), at the end of November 2022 and it caused a stir in the AI world. But, turns out it also made the cyber threat landscape more exciting as it became clear that code generation could help less-skilled hackers launch cyberattacks with ease.

In the past, we’ve talked about our use of ChatGPT to write phishing emails for our phishing simulator. In that use case, ChatGPT excels. Now, the news about ChatGPT and cybersecurity is how ChatGPT is being used to write malicious software, not just fake text for phishing emails.

Check Point Research (CPR) looked into this and found that some cybercriminals are already using OpenAI tech to develop malicious tools. Some of these criminals have no dev skills at all, but it's only a matter of time until more sophisticated hackers figure out how to use AI-based tools to improve and/or scale their attacks.

CPR analyzed underground hacking communities and found 2 cases of cybercriminals using ChatGPT:

  1. A hacker on a popular underground forum shared how he created a Python-based info stealer and a Java program that downloads and runs PuTTY using Powershell. He claimed to have recreated malware strains using ChatGPT.
  2. Another hacker, dubbed USDoD, posted a Python script for a multi-layer encryption tool that he claimed to have created with the help of OpenAI. The script performs various crypto ops like key generation, encryption/decryption using different algorithms, and more. While the script could be used for good, it could also easily be modified to encrypt someone's machine without user interaction.

ChatGPT helps write software. lowering the barrier for people with less experience and in some cases making experienced developers more efficient. Now, in only a few months, we are seeing ChatGPT write malicious software, lowering the barrier for cyber attackers. As cyber-attacks continue to be profitable, tools like ChatGPT will be desirable to attackers.

Schedule a demo

Start delivering training via Slack today.

Get started with a free trial by scheduling a demo today. One of our training experts will walk you through a live Haekka demo.

Excellent! We received your demo request. You should be redirected to our scheduling system. If you ran into an issue, please contact us.
Hmm. Something went wrong while submitting your form.
Please refresh and try again.
Security Awareness and Phishing Protection | Haekka User Interface

Unleash your organization's security awareness superpowers with our expert guidance.

Maximize your organization's security training budget with our program that saves you 75% on annual costs while boosting employee comprehension and satisfaction.

Schedule Your Demo Today