Security researcher creates advanced malware with ChatGPT

Share post:

A security researcher, Aaron Mulgrew has designed a highly sophisticated virus using ChatGPT.

Initially, the program was meant to prevent harmful usage by incorporating safeguards that prohibit the tool from writing code for the production of dangerous software. The researcher, however, was able to circumvent these precautions by instructing ChatGPT to generate malware function by function using simple commands.

This particular malware is a sophisticated data-stealing application that may go unnoticed on computers. It is the sort of zero-day assault used by nation-states in sophisticated attacks. The researcher used ChatGPT to accomplish this in a matter of hours, whereas it would take a team of hackers many weeks to construct such malware.

To escape detection, the virus enters a computer via a screen saver program and auto-executes after a brief pause. The virus then scans the target system for photos, PDFs, and Word documents, dividing them into smaller bits and disguising the data in the images using steganography. Finally, the photos containing the data fragments are transferred to a Google Drive folder, which likewise prevents discovery.

In a VirusTotal test, just five out of 69 antivirus software recognized the original version of the ChatGPT malware. However, the researcher was able to remove them all in a later edition. Only three antivirus programs detected the final “commercial” version, which operated from penetration through exfiltration.

The findings were obtained without the use of any code and just via the use of ChatGPT prompts. A team of five to ten malware developers, according to Mulgrew, would need many weeks to create an analogous assault without AI-based Chatbot support.

While Mulgrew’s malware is not expected to be released, the incident raises concerns about the potential misuse of ChatGPT by cybercriminals to create advanced malware attacks. This could result in significant damage to individuals, businesses, and even nation-states.

The sources for this piece include an article in BGR.

SUBSCRIBE NOW

Related articles

Hackers Plant False Memories in ChatGPT to Steal User Data

A security researcher has uncovered a vulnerability in ChatGPT that could allow hackers to store false information and...

“Octo2” Trojan Targets Bank Accounts by Posing as VPN or Chrome Apps on Android

A new malware variant called “Octo2” is spreading across Android devices by posing as popular apps like NordVPN...

Evilginx – Open source tool can bypass Multi-Factor Authentication (MFA)

Security vendor Abnormal Security is reporting a new cybersecurity tool that is gaining traction among cybercriminals. The tool,...

Kaspersky’s exit from US market frightens some customers

Kaspersky, the Russian cybersecurity firm, has unexpectedly removed its antivirus software from U.S. customers' computers, replacing it with...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways