Threat actors are showing an increased interest in generative artificial intelligence tools, with hundreds of thousands of OpenAI credentials for sale on the dark web and access to a malicious alternative for ChatGPT.
Both less skilled and seasoned cybercriminals can use the tools to create more convincing phishing emails that are customized for the intended audience to grow the chances of a successful attack.
Hackers tapping into GPT AI
In six months, the users of the dark web and Telegram mentioned ChatGPT, OpenAI’s artificial intelligence chatbot, more than 27,000 times, shows data from Flare, a threat exposure management company, shared with BleepingComputer.
Analyzing dark web forums and marketplaces, Flare researchers noticed that OpenAI credentials are among the latest commodities available.
The researchers identified more than 200,000 OpenAI credentials for sale on the dark web in the form of stealer logs.
Compared to the estimated 100 million active users in January, the count seems insignificant but it does show that threat actors see in generative AI tools some potential for malicious activity.
A report in June from cybersecurity company Group-IB said that illicit marketplaces on the dark web traded logs from info-stealing malware containing more than 100,000 ChatGPT accounts.
Cybercriminals’ interest in these utilities has been piqued to the point that one of them developed a ChatGPT clone named WormGPT and trained it on malware-focused data.
The tool is advertised as the “best GPT alternative for blackhat” and a ChatGPT alternative “that lets you do all sorts of illegal stuff.”
WormGPT dev promoted tool on cybercriminal forumsource: SlashNext
..
Support the originator by clicking the read the rest link below.
