- La colaboración entre Seguridad y FinOps puede generar beneficios ocultos en la nube
- El papel del CIO en 2024: una retrospectiva del año en clave TI
- How control rooms help organizations and security management
- ITDM 2025 전망 | “효율경영 시대의 핵심 동력 ‘데이터 조직’··· 내년도 활약 무대 더 커진다” 쏘카 김상우 본부장
- 세일포인트 기고 | 2025년을 맞이하며… 머신 아이덴티티의 부상이 울리는 경종
ChatGPT Cybercrime Surge Revealed in 3000 Dark Web Posts
Security researchers have observed a notable surge in dark web discussions regarding the illicit use of ChatGPT and other Large Language Models (LLMs), according to findings from Kaspersky’s Digital Footprint Intelligence service in 2023.
Nearly 3000 dark web posts were identified, focusing on a spectrum of cyber-threats, from creating malicious chatbot versions to exploring alternative projects like XXXGPT and FraudGPT.
While the peak in chatter occurred in March last year, ongoing discussions indicate a sustained interest in exploiting AI technologies for illegal activities.
According to the data shared by Kaspersky with Infosecurity, cybercriminals are actively exploring various schemes to implement ChatGPT and AI, including malware development and the illicit use of language models.
“Threat actors are actively exploring various schemes to implement ChatGPT and AI. Topics frequently include the development of malware and other types of illicit use of language models, such as processing of stolen user data, parsing files from infected devices and beyond,” explained Alisa Kulishenko, digital footprint analyst at Kaspersky.
The security expert added the prevalence of AI tools has also resulted in the incorporation of automated responses from ChatGPT or its equivalents into some cybercriminal forums.
“In addition, threat actors tend to share jailbreaks via various dark web channels – special sets of prompts that can unlock additional functionality – and devise ways to exploit legitimate tools, such as those for pen-testing, based on models for malicious purposes,” Kulishenko said.
Read more on ChatGPT-enabled attacks: New ChatGPT Attack Technique Spreads Malicious Packages
Another concerning aspect revealed by Kaspersky is the market for stolen ChatGPT accounts, with an additional 3000 posts advertising these accounts for sale across the dark web. This market poses a significant threat to users and companies, with posts either distributing stolen accounts or promoting auto-registration services that mass-create accounts on request.
In response to these findings, Kaspersky recommended implementing reliable endpoint security solutions and dedicated services to combat high-profile attacks and minimize potential consequences.
Image credit: photosince / Shutterstock.com