In a concerning development, cybersecurity firm WithSecure has uncovered evidence of threat actors utilizing ChatGPT, the world’s most popular chatbot, to create new and highly evasive strains of malware. With the ability to generate a vast number of malware variations, ChatGPT poses a significant challenge for detection and mitigation efforts.
Unlike traditional malware development, which requires substantial time, effort, and expertise, bad actors can leverage ChatGPT by providing it with examples of existing malware code. By instructing the AI model to generate new strains based on these examples, threat actors can propagate malware with relative ease.
The absence of regulatory measures surrounding ChatGPT’s use when it initially gained popularity in November of last year has contributed to its exploitation for malicious purposes. Within a month of its launch, the chatbot was already hijacked to craft malicious emails and files. Although there are internal safeguards within the model to prevent malicious prompts, threat actors have discovered methods to bypass them.
Juhani Hintikka, CEO at WithSecure, highlighted that AI has traditionally been employed by cybersecurity defenders to identify and combat manually developed malware. However, the widespread availability of potent AI tools such as ChatGPT has reversed the situation. The illicit use of AI tools parallels the history of remote access tools, which were initially employed for unauthorized activities and now serve as AI enablers for threat actors.
Tim West, head of threat intelligence at WithSecure, emphasized that ChatGPT facilitates software engineering both for positive and negative purposes, substantially lowering the barrier for threat actors to create malware. As AI models continue to advance, the detection of phishing emails, often discernible by humans, may become more challenging in the near future.
Moreover, with the rising success rate of ransomware attacks, threat actors are reinvesting their resources and expanding their operations by outsourcing and enhancing their understanding of AI. Looking ahead, Hintikka concludes that the future cybersecurity landscape will revolve around a battle between “good AI” and “bad AI.”
As the threats posed by ChatGPT-powered malware continue to evolve, it becomes crucial for regulatory bodies, AI developers, and cybersecurity professionals to collaborate on proactive measures to counter these emerging risks and safeguard digital ecosystems.
