Russian cybercriminals are looking for ways to bypass OpenAI’s API restrictions to gain access to the ChatGPT chatbot for malicious purposes.
Researchers at Israeli cybersecurity company Check Point have obeserved multiple discussions on underground forums on how to bypass IP addresses, payment cards and phone numbers controls – all of which are needed to gain access to ChatGPT from Russia.
In one instance, cybercriminals were discussing how to use stolen payment cards to pay for upgraded users on OpenAI, while another discussion was focused on how to circumvent geo controls of OpenAI. In addition, there are tutorials in Russian semi legal online SMS services on how to use it to register to ChatGPT.
“It is not extremely difficult to bypass OpenAI’s restricting measures for specific countries to access ChatGPT. Right now, we are seeing Russian hackers already discussing and checking how to get past the geofencing to use ChatGPT for their malicious purposes. We believe these hackers are most likely trying to implement and test ChatGPT into their day-to-day criminal operations. Cyberciminals are growing more and more interested in ChatGPT, because the AI technology behind it can make a hacker more cost-efficient,” Check Point says.
In its previous report the cybersecurity firm highlighted how malicious actors are already taking advantage of the AI-based chatbot to develop malicious tools. Some of the cases demonstrated that many cybercriminals using OpenAI have no development skills at all. The company described three separate cases where less experienced cybercriminals would be able to easily recreate workable malware strains capable of infiltrating a network by following the specific instructions provided to them by ChatGTP.