Security researchers have observed a notable surge in dark web discussions regarding the illicit use of ChatGPT and other Large Language Models (LLMs), according to findings from Kaspersky’s Digital Footprint Intelligence service in 2023.
Nearly 3000 dark web posts were identified, focusing on a spectrum of cyber-threats, from creating malicious chatbot versions to exploring alternative projects like XXXGPT and FraudGPT.
While the peak in chatter occurred in March last year, ongoing discussions indicate a sustained interest in exploiting AI technologies for illegal activities.
According to the data shared by Kaspersky with Infosecurity, cybercriminals are actively exploring various schemes to implement ChatGPT and AI, including malware development and the illicit use of language models.
“Threat actors are actively exploring various schemes to implement ChatGPT and AI. Topics frequently include the development of malware and other types of illicit use of language models, such as processing of stolen user data, parsing files from infected devices and beyond,” explained Alisa Kulishenko, digital footprint analyst at Kaspersky.
The security expert added the prevalence of AI tools has also resulted in the incorporation of automated responses from ChatGPT or its equivalents into some cybercriminal forums.
“In addition, threat actors tend to share jailbreaks via various dark web channels – special sets of prompts that can unlock additional functionality – and devise ways to exploit legitimate tools, such as those for pen-testing, based on models for malicious purposes,” Kulishenko said.
Read more on ChatGPT-enabled attacks: New ChatGPT Attack Technique Spreads Malicious Packages
Another concerning aspect revealed by Kaspersky is the market for stolen ChatGPT accounts, with an additional 3000 posts advertising these accounts for sale across the dark web. This market poses a significant threat to users and companies, with posts either distributing stolen accounts or promoting auto-registration services that mass-create accounts on request.
In response to these findings, Kaspersky recommended implementing reliable endpoint security solutions and dedicated services to combat high-profile attacks and minimize potential consequences.
Image credit: photosince / Shutterstock.com