OpenAI released ChatGPT, a new interface for its Large Language Model (LLM), at the end of November 2022 and it caused a stir in the AI world. But, turns out it also made the cyber threat landscape more exciting as it became clear that code generation could help less-skilled hackers launch cyberattacks with ease.

In the past, we’ve talked about our use of ChatGPT to write phishing emails for our phishing simulator. In that use case, ChatGPT excels. Now, the news about ChatGPT and cybersecurity is how ChatGPT is being used to write malicious software, not just fake text for phishing emails.

Check Point Research (CPR) looked into this and found that some cybercriminals are already using OpenAI tech to develop malicious tools. Some of these criminals have no dev skills at all, but it's only a matter of time until more sophisticated hackers figure out how to use AI-based tools to improve and/or scale their attacks.

CPR analyzed underground hacking communities and found 2 cases of cybercriminals using ChatGPT:

1. A hacker on a popular underground forum shared how he created a Python-based info stealer and a Java program that downloads and runs PuTTY using Powershell. He claimed to have recreated malware strains using ChatGPT.
2. Another hacker, dubbed USDoD, posted a Python script for a multi-layer encryption tool that he claimed to have created with the help of OpenAI. The script performs various crypto ops like key generation, encryption/decryption using different algorithms, and more. While the script could be used for good, it could also easily be modified to encrypt someone's machine without user interaction.

ChatGPT helps write software. lowering the barrier for people with less experience and in some cases making experienced developers more efficient. Now, in only a few months, we are seeing ChatGPT write malicious software, lowering the barrier for cyber attackers. As cyber-attacks continue to be profitable, tools like ChatGPT will be desirable to attackers.