16 January 2023

Russian hackers attempt to bypass ChatGPT’s restrictions for malicious use


Russian hackers attempt to bypass ChatGPT’s restrictions for malicious use

Russian cybercriminals are looking for ways to bypass OpenAI’s API restrictions to gain access to the ChatGPT chatbot for malicious purposes.

Researchers at Israeli cybersecurity company Check Point have obeserved multiple discussions on underground forums on how to bypass IP addresses, payment cards and phone numbers controls – all of which are needed to gain access to ChatGPT from Russia.

In one instance, cybercriminals were discussing how to use stolen payment cards to pay for upgraded users on OpenAI, while another discussion was focused on how to circumvent geo controls of OpenAI. In addition, there are tutorials in Russian semi legal online SMS services on how to use it to register to ChatGPT.

“It is not extremely difficult to bypass OpenAI’s restricting measures for specific countries to access ChatGPT. Right now, we are seeing Russian hackers already discussing and checking how to get past the geofencing to use ChatGPT for their malicious purposes. We believe these hackers are most likely trying to implement and test ChatGPT into their day-to-day criminal operations. Cyberciminals are growing more and more interested in ChatGPT, because the AI technology behind it can make a hacker more cost-efficient,” Check Point says.

In its previous report the cybersecurity firm highlighted how malicious actors are already taking advantage of the AI-based chatbot to develop malicious tools. Some of the cases demonstrated that many cybercriminals using OpenAI have no development skills at all. The company described three separate cases where less experienced cybercriminals would be able to easily recreate workable malware strains capable of infiltrating a network by following the specific instructions provided to them by ChatGTP.

Back to the list

Latest Posts

What is Vulnerability Management? A Beginner's Guide

What is Vulnerability Management? A Beginner's Guide

In this article will try to cover basics of vulnerability management process and why it is important to every company.
11 September 2024
Cyber Security Week in Review: September 6, 2024

Cyber Security Week in Review: September 6, 2024

In brief: the US charges Russian GRU hackers for attacks on Ukraine, Apache, Cisco, Zyxel patch high-risk flaws, Google fixes Android zero-day, and more.
6 September 2024
Threat actors using MacroPack Red Team framework to deploy Brute Ratel, Havoc and PhantomCore

Threat actors using MacroPack Red Team framework to deploy Brute Ratel, Havoc and PhantomCore

Some of the documents appeared to be part of legitimate Red Team exercises, while other were intended for malicious purposes.
5 September 2024