Threat actors use ChatGPT to write malware
Oct. 14, 2024, 10:47 a.m.
Description
OpenAI has disrupted over 20 malicious cyber operations abusing ChatGPT for various purposes, including malware development and spear-phishing attacks. The company confirmed cases involving Chinese and Iranian threat actors. SweetSpecter, a Chinese group, targeted OpenAI employees with phishing emails and used ChatGPT for reconnaissance and social engineering. CyberAv3ngers, an Iranian group, utilized the AI tool for developing scripts, planning post-compromise activities, and exploiting vulnerabilities. Another Iranian group, Storm-0817, employed ChatGPT to create Android malware and supporting infrastructure. These cases demonstrate that generative AI tools can enhance offensive cyber operations, particularly for low-skilled actors, across all stages of an attack.
Date
Published: Oct. 14, 2024, 10:23 a.m.
Created: Oct. 14, 2024, 10:23 a.m.
Modified: Oct. 14, 2024, 10:47 a.m.
Attack Patterns
SugarGh0st RAT
SweetSpecter, CyberAv3ngers, Storm-0817
T1555.001
T1589
T1588
T1587
T1583.003
T1555.003
T1583
T1114
T1056.001
T1555
T1113
T1005
T1590
T1595
T1102
T1592
T1566
T1190
T1059
Additional Information
Technology
Energy
Government
Iran, Islamic Republic of
Jordan
China
Pakistan