Sunday, November 17, 2024
HomeCyber Security NewsOpenAI Shuts Down Accounts Used to Generate Phishing Emails & Malware

OpenAI Shuts Down Accounts Used to Generate Phishing Emails & Malware

Published on

While Artificial Intelligence holds immense potential for good, its power can also attract those with malicious intent. 

State-affiliated actors, with their advanced resources and expertise, pose a unique threat, leveraging AI for cyberattacks that can disrupt infrastructure, steal data, and even harm individuals.

“We terminated accounts associated with state-affiliated threat actors. Our findings show our models offer only limited, incremental capabilities for malicious cybersecurity tasks.”

- Advertisement - SIEM as a Service

OpenAI teamed up with Microsoft Threat Intelligence to disrupt five state-affiliated groups attempting to misuse their AI services for malicious activities.

Document
Live Account Takeover Attack Simulation

How do Hackers Bypass 2FA?

Live attack simulation Webinar demonstrates various ways in which account takeover can happen and practices to protect your websites and APIs against ATO attacks.

State-affiliated groups

Two groups linked to China, known as Charcoal Typhoon and Salmon Typhoon,

The Iranian threat actor “Crimson Sandstorm,” North Korea’s “Emerald Sleet,” and Russia-affiliated group “Forest Blizzard.”

Charcoal Typhoon: Researched companies and cybersecurity tools, likely for phishing campaigns.

Salmon Typhoon: Translated technical papers, gathered intelligence on agencies and threats, and researched hiding malicious processes.

Crimson Sandstorm: Developed scripts for app and web development, crafted potential spear-phishing content, and explored malware detection evasion techniques.

Emerald Sleet: Identified security experts, researched vulnerabilities, assisted with basic scripting, and drafted potential phishing content.

Forest Blizzard: Conducted open-source research on satellite communication and radar technology while also using AI for scripting tasks.

OpenAI’s latest security assessments, conducted with experts, show that while malicious actors attempt to misuse AI like GPT-4, its capabilities for harmful cyberattacks remain relatively basic compared to readily available non-AI tools.

OpenAI strategy

Proactive Defense: actively monitor and disrupt state-backed actors misusing platforms with dedicated teams and technology.

Industry Collaboration: work with partners to share information and develop collective responses against malicious AI use.

Continuously Learning: analyze real-world misuse to improve safety measures and stay ahead of evolving threats.

Public Transparency: share insights about malicious AI activity and actions to promote awareness and preparedness.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitrary Code Remotely

A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious...

Chinese SilkSpecter Hackers Attacking Black Friday Shoppers

SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce...

Cybercriminals Launch SEO Poisoning Attack to Lure Shoppers to Fake Online Stores

The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to...

Black Basta Ransomware Leveraging Social Engineering For Malware Deployment

Black Basta, a prominent ransomware group, has rapidly gained notoriety since its emergence in...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitrary Code Remotely

A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious...

Chinese SilkSpecter Hackers Attacking Black Friday Shoppers

SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce...

Cybercriminals Launch SEO Poisoning Attack to Lure Shoppers to Fake Online Stores

The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to...