Russian hackers attempt to bypass ChatGPT’s restrictions for malicious use

Russian hackers attempt to bypass ChatGPT’s restrictions for malicious use

Russian cybercriminals are looking for ways to bypass OpenAI’s API restrictions to gain access to the ChatGPT chatbot for malicious purposes.

Researchers at Israeli cybersecurity company Check Point have obeserved multiple discussions on underground forums on how to bypass IP addresses, payment cards and phone numbers controls – all of which are needed to gain access to ChatGPT from Russia.

In one instance, cybercriminals were discussing how to use stolen payment cards to pay for upgraded users on OpenAI, while another discussion was focused on how to circumvent geo controls of OpenAI. In addition, there are tutorials in Russian semi legal online SMS services on how to use it to register to ChatGPT.

“It is not extremely difficult to bypass OpenAI’s restricting measures for specific countries to access ChatGPT. Right now, we are seeing Russian hackers already discussing and checking how to get past the geofencing to use ChatGPT for their malicious purposes. We believe these hackers are most likely trying to implement and test ChatGPT into their day-to-day criminal operations. Cyberciminals are growing more and more interested in ChatGPT, because the AI technology behind it can make a hacker more cost-efficient,” Check Point says.

In its previous report the cybersecurity firm highlighted how malicious actors are already taking advantage of the AI-based chatbot to develop malicious tools. Some of the cases demonstrated that many cybercriminals using OpenAI have no development skills at all. The company described three separate cases where less experienced cybercriminals would be able to easily recreate workable malware strains capable of infiltrating a network by following the specific instructions provided to them by ChatGTP.

Back to the list

Latest Posts

Ongoing campaign targets exposed PostgreSQL instances to deploy crypto miners

Ongoing campaign targets exposed PostgreSQL instances to deploy crypto miners

The campaign could involve over 1,500 compromised systems.
2 April 2025
DPRK IT worker threat expands beyond the US, focuses on Europe

DPRK IT worker threat expands beyond the US, focuses on Europe

The schemes come with new tactics, including extortion campaigns and corporate virtualized infrastructure compromises.
2 April 2025
New PhaaS platform Lucid targets 169 entities across 88 countries using iMessage and RCS

New PhaaS platform Lucid targets 169 entities across 88 countries using iMessage and RCS

Lucid is capable of sending up to 100,000 smishing messages per day.
1 April 2025