Report Reveals ChatGPT Already Involved in Data Leaks, Phishing Scams & Malware Infections
April 12, 2023
PRESS RELEASE
MIAMI, April 12, 2023 /PRNewswire/ -- Network Assured has reported that data leaks, phishing scams and malware infections attributable to ChatGPT are on the rise. The report tracks the most significant cybersecurity breaches in which ChatGPT has been involved and has found almost two new events of concern each week through March and April 2023.
March Saw OpenAI's First Major Data Leak
As many as 1.2% of ChatGPT users during a particular session in March may have had their payment details exposed to the public. While the bug that caused the leak was quickly fixed, the leak's impact on credit card fraud and identity theft may not be known for months.
3 New ChatGPT-linked Security Events in First Two Weeks of April
In April alone, the report found: ChatGPT was involved in a major data leak at Samsung, where staff members uploaded sensitive information that included source code from defective equipment and the transcripts of private meetings.
The report also revealed:
A 135% increase in novel phishing attacks: Hackers are using tools like ChatGPT to create more convincing phishing emails using sophisticated language that matches the target organization.
Fake browser plugins posing as ChatGPT deployed malware to as many as 2,000 people per day over a 6 day period in March.
Scammers Impersonated OpenAI to promote a fake Defi token with a phishing email campaign.
Dark web forum users are distributing scripts that allow malicious actors to bypass ChatGPTs illegal content filters and create new Malware.
11% of what company employees paste into ChatGPT during the course of work, was sensitive company information.
Researchers Use ChatGPT to Create Undetectable Zero Day Virus
Documenting additional cybersecurity risks, the report highlights the first case of ChatGPT creating a Zero Day virus, with undetectable exfiltration, that successfully passed a virus scan.
The virus was made by a novice developer, using only prompts from ChatGPT. In his worrying conclusion, the developer noted that "this kind of end to end, very advanced attack has previously been reserved for nation state attackers."
A.I. Tools Are Fighting Cybercrime Too
Fortunately, A.I. tools are also being used to detect and prevent cyberattacks at an increasing rate. The report cites evidence from January 2023 indicating that AI-based security tools stopped over 1.7 million malware attacks within a 90 day period.
To see the complete set of leaks, phishing attempts and malware attacks and cyber risks attributable to ChatGPT, including a full breakdown of the largest healthcare breaches by records stolen, and damage incurred, with full color charts, please see the report here.
About Network Assured
Network Assured is a free, independent advisory that helps businesses price cybersecurity services, perform due diligence, and find better vendors. Learn more at www.NetworkAssured.com.
You May Also Like
Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024The Unreasonable Effectiveness of Inside Out Attack Surface Management
Dec 4, 2024