Check Point finds potential cybercrime scenarios in ChatGPT4


In March 2023, Check Point Research (CPR) released a report describing five scenarios that will act as a catalyst for cybercriminals executing large-scale malicious attacks produced or programmed with ChatGPT4. This is their first analysis of the AI, and their findings are worrisome. The five scenarios of potential malicious use of ChatGPT4 are:

  • C++ Malware that collects PDF files and sends them to FTP
  • Phishing: impersonation of a bank
  • Phishing: emails to employees
  • Java program that can download and execute PuTTY, which can launch as a hidden PowerShell, and
  • PHP Reverse Shell.

The team agreed that threat actors could easily bypass ChatGPT's restrictions, despite the security features present in ChatGPT4 to curb such misuse. In another shocking revelation, the team said that non-technical actors can create malware with ChatGPT4 easily, without much hard work.

Mr Oded Vanunu, the head of product vulnerability research at Check Point Software, said in the report: “After finding several ways in which ChatGPT can be used by hackers, and actual cases where it was, we spent the last 24 hours to see whether anything changed with the newest version of ChatGPT. While the new platform clearly improved on many levels, we can, however, report that there are potential scenarios where bad actors can accelerate cybercrime in ChatGPT4. ChatGPT4 can empower bad actors, even non-technical ones, with the tools to speed up and validate their activity. Bad actors can use ChatGPT4’s quick responses to overcome technical challenges in developing malware. What we are seeing is that ChatGPT can serve both good and bad actors. Good actors can use ChatGPT to craft and stitch code that is useful to society; but simultaneously, bad actors can use this AI technology for rapid execution of cybercrime. As AI plays a significant and growing role in cyber attacks and defence, we expect this platform to be used by hackers as well, and we will spend the following days to better understand how”.

CPR's analysis of a thread called "ChatGPT - Benefit of Malware", which appeared on the dark web in late 2022, confirmed the publisher's claim. The publisher boasts of ChatGPT's ability to create malware and includes Python-based stealer code that searches for common file types, copies them to a random folder inside the temp folder, ZIPs them and uploads them to a hardcoded FTP server. The team continues to monitor the situation and warns Internet users to prepare for the war ahead.