Posted by Mumbai: Are cybercriminals now working on AI-powered Cybercrime by experimenting with the use of ChatGPT and AI/ML-backed LLMs? Yes, that’s what Kaspersky’s Digital Footprint Intelligence service has discovered in the dark web.
AI-powered Cybercrime
Kaspersky’s Digital Footprint Intelligence service found nearly 3000 dark web posts mainly discussing the use of ChatGPT and other LLMs for illegal activities. Threat actors are exploring schemes, from creating nefarious alternatives of the chatbot to jailbreaking the original and beyond. Stolen ChatGPT accounts and services offering their automated creation en masse are also flooding dark web channels, reaching another 3000 posts.
In 2023, Kaspersky Digital Footprint Intelligence service discovered nearly 3000 posts on the dark web, discussing the use of ChatGPT for illegal purposes or talking about tools that rely on AI technologies. It does give a hint of how AI-powered Cybercrime will be the next frontier of cybercrooks going ahead.
ChatGPT and AI
“Threat actors are actively exploring various schemes to implement ChatGPT and AI. Topics frequently include the development of malware and other types of illicit use of language models, such as processing of stolen user data, parsing files from infected devices, and beyond,” said Alisa Kulishenko, Digital Footprint Analyst at Kaspersky.
“The popularity of AI tools has led to the integration of automated responses from ChatGPT or its equivalents into some cybercriminal forums. In addition, threat actors tend to share jailbreaks via various dark web channels – special sets of prompts that can unlock additional functionality – and devise ways to exploit legitimate tools, such as those for pentesting, based on models for malicious purposes,” explained Kulishenko.
Apart from the chatbot and artificial intelligence mentioned, considerable attention is being given to projects like XXXGPT, FraudGPT, and others. These language models are marketed on the dark web as alternatives to ChatGPT, boasting additional functionality and the absence of original limitations.
Stolen ChatGPT accounts for sale
In 2023, another 3000 posts (in addition to the previously mentioned ones) advertising ChatGPT accounts for sale were identified across the dark web and shadow Telegram channels. These posts either distribute stolen accounts or promote auto-registration services massively creating accounts on request. Notably, certain posts were repeatedly published across multiple dark web channels. The dynamics of dark web posts offering stolen ChatGPT accounts or auto-registration services.
Generative AI and Chatbots, Cyberattacks
“While AI tools themselves are not inherently dangerous, cybercriminals are trying to come up with efficient ways of using language models, thereby fueling a trend of lowering the entry barrier into cybercrime and, in some cases, potentially increasing the number of cyberattacks. However, it’s unlikely that generative AI and chatbots will revolutionise the attack landscape – at least in 2024,” added Kulishenko.
“The automated nature of cyberattacks often means automated defences. Nonetheless, staying informed about attackers’ activities is crucial to being ahead of adversaries in terms of corporate cybersecurity,” concluded Kulishenko.