Russian cybercriminals have been caught trying to circumvent the restrictions on ChatGPT and use the advanced AI chatbot for their own nefarious purposes.
Check Point Research (CPR) said they discovered multiple discussions in underground forums where hackers discussed various methods, including using stolen payment cards to pay for upgraded user accounts on OpenAI, bypassing geo-fence restrictions, and using a “semi-legal Russian SMS service”. online” for ChatGPT registration.
ChatGPT is a new Artificial Intelligence (AI) chatbot that has been making huge headlines for its versatility and ease of use. Cybersecurity researchers have already seen hackers use the tool to create trusted phishing emails, as well as code for malicious and macro-filled Office files.
However, the tool is not easy to misuse because OpenAI has set a number of restrictions. Russian hackers, due to the invasion of Ukraine, have more barriers to overcome.
For Sergey Shekevich, Group Director of Threat Intelligence at Check Point Software Technologies, blockers are not good enough:
“It is not very difficult to bypass OpenAI restriction measures of certain countries to access ChatGPT. At the moment we see Russian hackers already discussing and investigating how to bypass geo-fences to use ChatGPT for their malicious purposes.
> Fake ChatGPT apps are everywhere on Android and iOS app stores
> Hackers use ChatGPT to write malware
> These are the best firewalls out there
We believe these hackers are likely trying to implement and test ChatGPT in their day-to-day criminal operations. Cybercriminals are getting more and more interested in ChatGPT, because the AI technology behind it can make the hacker more cost-effective,” Shekevich said.
But hackers aren’t just looking to use ChatGPT – they’re also trying to take advantage of the tool’s growing popularity to spread all kinds of malware and steal money. For example, Apple’s mobile app repository, the App Store, hosted an app pretending to be a chatbot, but with a monthly subscription that costs about $10. Other apps (some found on Google Play too), charge as much as $15 for the “service”.
- These are the best endpoint protection services out there