ChatGPT is again being used to create malicious content

Crooks quickly found a way around early restrictions

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

It seems that the initial restrictionsOpenAIplaced onChatGPTto prevent the tool from being used for malicious purposes didn’t do much, as crooks quickly found a way around them.

This is according to a new report from Check Point Research (CPR), which claims that even after the restrictions were imposed, crooks managed to use theAI writerto improve the code of a basic infostealer malware from 2019.

Revolutionizing the internet with conversation

ChatGPT is achatbotbuilt by OpenAI, which raised quite a few eyebrows for its conversational style and feats of creativity.Microsoftis already implementing it in its Edgeweb browserand search engine, Bing, promising a revolution in the way people use the internet.

There are two ways to use the tool, either via the web user interface (simple access to ChatGPT, DALLE-2, or the openAI playground), or through Application Programming Interfaces (API), which are used for building applications, processes, and the like. With the API, developers can use their own interface with the OpenAI models and data running in the background.

Protecting your business from the biggest threats onlinePerimeter 81’s Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.

Preferred partner (What does this mean?)

Microsoft Edge now has its own ChatGPT tool>ChatGPT is being used to create malicious emails and code>These are the best malware removal tools at the moment

While OpenAI placed solid restrictions for web interface users (for example, you can no longer ask the tool towritea phishing email impersonating a bank or a financial institution), restrictions are non-existent for the API approach, the researchers say.

“The current version of OpenAI´s API is used by external applications (for example, the integration of OpenAI’s GPT-3 model to Telegram channels) and has very few if any anti-abuse measures in place. As a result, it allows malicious content creation, such as phishing emails and malware code, without the limitations or barriers that ChatGPT has set on their user interface."

To make matters even worse, this is hardly CPR’s idea. Instead, the researchers say, there is an “active chatter” in the underground forums on this topic, meaning an increasing number of cybercriminals are already aware of the workaround for ChatGPT’s restrictions.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new malware utilizes a rare programming language to evade traditional detection methods

A new form of macOS malware is being used by devious North Korean hackers

Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time