ChatGPT has grabbed eyeballs for its intuitive conversational abilities globally. The artificial intelligence (AI)-powered solution, which is created by independent research body OpenAI, relies on machine learning for training. There are people who swear by the AI chatbot’s abilities and those that call it a virus let loose. OpenAI CEO and co-founder Sam Altman said ChatGPT “is incredibly limited” and that it may be a mistake to rely too much on it. However, a new report from research firm CheckPoint shows that it can help hackers write phishing emails and malicious codes.
ChatGPT brings risks
ChatGPT has been getting praise for its ability to generate well-written code and aid the development process. The CheckPoint Research report reveals that this very ability of OpenAI’s new interface for its Large Language Model (LLM) can help cyber criminals in their malicious social engineering attack vectors, especially when the world of cybersecurity is rapidly changing.
“It is critical to emphasise the importance of remaining vigilant on how this new and developing technology can affect the threat landscape, for both good and bad. While this new technology helps defenders, it also lowers the required entrance bar for low skilled threat actors to run phishing campaigns and to develop malware,” a report by CheckPoint Research said.
You can find examples of malicious code or dialogues generated by ChatGPT on Twitter.
ChatGPT brings risks
ChatGPT has been getting praise for its ability to generate well-written code and aid the development process. The CheckPoint Research report reveals that this very ability of OpenAI’s new interface for its Large Language Model (LLM) can help cyber criminals in their malicious social engineering attack vectors, especially when the world of cybersecurity is rapidly changing.
“It is critical to emphasise the importance of remaining vigilant on how this new and developing technology can affect the threat landscape, for both good and bad. While this new technology helps defenders, it also lowers the required entrance bar for low skilled threat actors to run phishing campaigns and to develop malware,” a report by CheckPoint Research said.
You can find examples of malicious code or dialogues generated by ChatGPT on Twitter.
How researchers created an email with ChatGPT that can infect your PC
To illustrate ChatGPT’s capability of creating code, the research firm used ChatGPT and another platform, OpenAI’s Codex, an AI-based system that translates natural language to code to create a full infection flow.
“We did not write a single line of code and instead let the AIs do all the work. We only put together the pieces of the puzzle and executed the resulting attack,” researchers said. Researchers at CheckPoint created “a plausible phishing email” – just like some of us created our assignments – by using Codex and ChatGPT.
Also Read: LaMDA lesson? Google says no to creating ChatGPT rival
The researchers asked ChatGPT to refine the email and include a link urging customers to download an excel sheet. ChatGPT warned the team of content policy violation but the team went ahead to “write a code that can be copied and pasted into an Excel workbook to download an executable from a URL and run it.”
This led to a harmless-looking email with a link that downloads a malicious excel file that can be used to infect a computer. “Although the code and infection flow presented in this article can be defended against using simple procedures, this is just an elementary showcase of the impact of AI research on cybersecurity,” the researchers said.
Is ChatGPT the Google killer? | OpenAI ChatGPT
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
Denial of responsibility! NewsBit.us is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
