OpenAI blocks state-sponsored hackers from using ChatGPT

OpenAI has removed accounts used by state-sponsored threat groups from Iran, North Korea, China, and Russia, that were abusing its artificial intelligence chatbot, ChatGPT. The AI research organization took action against specific accounts associated with the hacking groups that were misusing its large language model services for malicious purposes after receiving key information from Microsoft's Threat Intelligence team.
Forest Blizzard [Russia]: Utilized ChatGPT to conduct research into satellite and radar technologies pertinent to military operations and to optimize its cyber operations with scripting enhancements.
Emerald Sleet : Leveraged ChatGPT for researching North Korea and generating spear-phishing content, alongside understanding vulnerabilities and troubleshooting web technologies.
Crimson Sandstorm [Iran]: Engaged with ChatGPT for social engineering assistance, error troubleshooting,.
Charcoal Typhoon [China]: Interacted with ChatGPT to assist in tooling development, scripting, comprehending cybersecurity tools, and generating social engineering content.
Salmon Typhoon [China]: Employed LLMs for exploratory inquiries on a wide range of topics, including sensitive information, high-profile individuals, and cybersecurity, to expand their intelligence-gathering tools and evaluate the potential of new technologies for information sourcing.
Generally, the threat actors used the large language models to enhance their strategic and operational capabilities, including reconnaissance, social engineering, evasion tactics, and generic information gathering.
None of the observed cases involve the use of LLMs for directly developing malware or complete custom exploitation tools.
Instead, actual coding assistance concerned lower-level tasks such as requesting evasion tips, scripting, turning antivirus off, and generally the optimization of technical operations.
In January, a report from the United Kingdom's National Cyber Security Centre predicted that by 2025 the operations of sophisticated advanced persistent threats will benefit from AI tools across the board, especially in developing evasive custom malware.
Last year according to OpenAI's and Microsoft's findings, there was an uplift in APT attack segments like phishing/social engineering, but the rest was rather exploratory.
OpenAI says it will continue to monitor and disrupt state-backed hackers using specialized monitoring tech, information from industry partners, and dedicated teams tasked with identifying suspicious usage patterns.
OpenAI rolls out imperfect fix for ChatGPT data leak flaw.
UK says AI will empower ransomware over the next two years.
Turla hackers backdoor NGOs with new TinyTurla-NG malware.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 15 Feb 2024 16:00:21 +0000


Cyber News related to OpenAI blocks state-sponsored hackers from using ChatGPT

Sam Altman's Return As OpenAI CEO Is A Relief-and Lesson-For Us All - The sudden ousting of OpenAI CEO Sam Altman on Friday initially seemed to suggest one thing: he must have done something really, really bad. Possibly illegal. So when OpenAI's board of directors publicly announced that Altman was fired after "Failing ...
11 months ago Forbes.com
XSS Marks the Spot: Digging Up Vulnerabilities in ChatGPT - With its widespread use among businesses and individual users, ChatGPT is a prime target for attackers looking to access sensitive information. In this blog post, I'll walk you through my discovery of two cross-site scripting vulnerabilities in ...
9 months ago Imperva.com
Locking Down ChatGPT: A User's Guide to Strengthening Account Security - OpenAI officials said that the user who reported his ChatGPT history was a victim of a compromised ChatGPT account, which resulted in the unauthorized logins. OpenAI has confirmed that the unauthorized logins originate from Sri Lanka, according to an ...
9 months ago Cysecurity.news
OpenAI blocks state-sponsored hackers from using ChatGPT - OpenAI has removed accounts used by state-sponsored threat groups from Iran, North Korea, China, and Russia, that were abusing its artificial intelligence chatbot, ChatGPT. The AI research organization took action against specific accounts associated ...
9 months ago Bleepingcomputer.com
How Are Security Professionals Managing the Good, The Bad and The Ugly of ChatGPT? - ChatGPT has emerged as a shining light in this regard. Already we're seeing the platform being integrated into corporate systems, supporting in areas such as customer success or technical support. The bad: The risks surrounding ChatGPT. Of course, ...
11 months ago Cyberdefensemagazine.com
Google Researchers' Attack Prompts ChatGPT to Reveal Its Training Data - A team of researchers primarily from Google's DeepMind systematically convinced ChatGPT to reveal snippets of the data it was trained on using a new type of attack prompt which asked a production model of the chatbot to repeat specific words forever. ...
11 months ago 404media.co
How enterprises are using gen AI to protect against ChatGPT leaks - ChatGPT is the new DNA of shadow IT, exposing organizations to new risks no one anticipated. Enterprise workers are gaining a 40% performance boost thanks to ChatGPT based on a recent Harvard University study. A second study from MIT discovered that ...
10 months ago Venturebeat.com
ChatGPT Clone Apps Collecting Personal Data on iOS, Play Store - On Android devices, one of the apps analyzed by researchers has more than 100,000 downloads, tracks, and shares location data with ByteDance and Amazon, etc. ChatGPT, the AI software, has already taken the Internet by storm, and that is why ...
1 year ago Hackread.com
Microsoft Invests Billions in OpenAI – Innovator in Chatbot and GPT Technology - Microsoft has announced a $1 billion investment in OpenAI, the San Francisco-based artificial intelligence (AI) research and development firm. Founded by tech moguls Elon Musk and Sam Altman, OpenAI is a leader in AI technology, and the investment ...
1 year ago Securityweek.com
OpenAI's board might have been dysfunctional-but they made the right choice. Their defeat shows that in the battle between AI profits and ethics, it's no contest - The drama around OpenAI, its board, and Sam Altman has been a fascinating story that raises a number of ethical leadership issues. What are the responsibilities that OpenAI's board, Sam Altman, and Microsoft held during these quickly moving events? ...
11 months ago Fortune.com
OpenAI Reveals ChatGPT Is Being DDoS-ed - ChatGPT developer OpenAI has admitted the cause of intermittent outages across its flagship generative AI offering over the past day: distributed denial of service attacks. According to the developer's status page, ChatGPT and its API have been ...
11 months ago Infosecurity-magazine.com
ChatGPT Extensions Could be Exploited to Steal Data and Sensitive Information - API security professionals Salt Security have released new threat research from Salt Labs highlighting critical security flaws within ChatGPT plugins, presenting a new risk for enterprises. Plugins provide AI chatbots like ChatGPT access and ...
8 months ago Itsecurityguru.org
OpenAI rolls out imperfect fix for ChatGPT data leak flaw - OpenAI has mitigated a data exfiltration bug in ChatGPT that could potentially leak conversation details to an external URL. According to the researcher who discovered the flaw, the mitigation isn't perfect, so attackers can still exploit it under ...
10 months ago Bleepingcomputer.com
Google to Announce Chat-GPT Rival On February 8 Event - There seems to be a lot of consternation on Google's part at the prospect of a showdown with ChatGPT on the February 8 event. The search giant has been making moves that suggest it is preparing to enter the market for large language models, where ...
1 year ago Cybersecuritynews.com
UK Scrutiny Of Microsoft Partnership With OpenAI - CMA seeks feedback about the relationship between Microsoft and OpenAI, and whether it has antitrust implications. Microsoft, it should be remembered, was firmly rebuked for its conduct by the CMA in October after the UK regulator reversed its ...
11 months ago Silicon.co.uk
OpenAI's Sora Generates Photorealistic Videos - OpenAI released on Feb. 15 an impressive new text-to-video model called Sora that can create photorealistic or cartoony moving images from natural language text prompts. Sora isn't available to the public yet; instead, OpenAI released Sora to red ...
9 months ago Techrepublic.com
ChatGPT Maker OpenAI Raises $6.6bn In Funding | Silicon UK - Last week when OpenAI’s ‘for profit’ restructuring move was revealed, three senior executives abruptly announced they were departing, including Chief Technology Officer Mira Murati, VP Research Barret Zoph, and Chief Research ...
1 month ago Silicon.co.uk
Are you sure you want to share that with ChatGPT? How Metomic helps stop data leaks - Open AI's ChatGPT is one of the most powerful tools to come along in a lifetime, set to revolutionize the way many of us work. Workers aren't content to wait until organizations work this question out, however: Many are already using ChatGPT and ...
9 months ago Venturebeat.com
Malicious GPT Can Phish Credentials, Exfiltrate Them to External Server: Researcher - A researcher has shown how malicious actors could create custom GPTs that can phish for user credentials and exfiltrate the stolen data to an external server. Researchers Johann Rehberger and Roman Samoilenko independently discovered in the spring of ...
10 months ago Securityweek.com
OpenAI's New GPT Store May Carry Data Security Risks - A new kind of app store for ChatGPT may expose users to malicious bots, and legitimate ones that siphon their data to insecure, external locales. ChatGPT's fast rise in popularity, combined with the open source accessibility of the early GPT models, ...
10 months ago Darkreading.com
Foreign states already using ChatGPT maliciously, UK IT leaders believe - Most UK IT leaders believe that foreign states are already using the ChatGPT chatbot for malicious purposes against other nations. That's according to a new study from BlackBerry, which surveyed 500 UK IT decision makers revealing that, while 60% of ...
1 year ago Csoonline.com
Latest Information Security and Hacking Incidents - OpenAI has addressed significant security flaws in its state-of-the-art language model, ChatGPT, which has become widely used, in recent improvements. Although the business concedes that there is a defect that could pose major hazards, it reassures ...
10 months ago Cysecurity.news
The Emergence of AI In the Enterprise: Know the Security Risks - As is often the case with any new, emerging technology, using AI comes with security risks, and it's essential to understand them and impose the proper guardrails around them to protect company, customer, and employee data. There are real, tangible ...
11 months ago Cyberdefensemagazine.com
Researchers Uncover Simple Technique to Extract ChatGPT Training Data - Can getting ChatGPT to repeat the same word over and over again cause it to regurgitate large amounts of its training data, including personally identifiable information and other data scraped from the Web? The answer is an emphatic yes, according to ...
11 months ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)