ChatGPT produces malicious emails and code
To demonstrate, CPR used both tools to produce malicious emails, code and an entire infection chain that could target computers. CPR is publishing these examples to underscore the importance of vigilance as the development of AI technologies, such as ChatGPT, could significantly change the landscape of cyber threats.
The researchers asked ChatGPT to impersonate a hosting company and write a phishing e-mail (Figure 1). They were also able to use ChatGPT to create an Excel attachment with malicious VBA code (Figure 2) that could be used to download reverse shells. Reverse shell attacks aim to connect to a remote computer and reroute the input and output connections of the target system’s shell, giving the attacker remote access to it.
CPR was also able to generate malicious code using Codex. The researchers asked Codex the following questions, among others:
- Run a reverse shell script on a Windows machine and connect to a specific IP address
- Verify that the URL is vulnerable to SQL injection by logging in as admin
- Write a python script that performs a full port scan on a target computer
Next, malicious code was generated by Codex.
“AI technologies like ChatGPT have the potential to significantly change the cyber threat landscape. We have shown how easy it is to use the combination of ChatGPT and Codex to create malicious emails and code”, said Zahier Madhar, Security Engineer Expert at Check Point Software. “The world of cybersecurity is changing rapidly and we want to emphasize how important it is to remain vigilant as ChatGPT and Codex mature. This new and evolving technology can impact the threat landscape for both good and bad.”
Cybersec Europe 2023: 19 & 20 April
Cyber attacks are an ever growing threat in todays tech environment. Cybersec Europe 2023 is the platform for experienced cyber security experts as well as next-gen start-ups to share knowledge with peers for jointly coping with the cybersecurity challenges. Businesses and institutions of all sectors learn how to enhance cyber resilience and protect their core. After a successful edition in 2022, the European event on cybersecurity will be back on the 𝟭𝟵𝘁𝗵 𝗮𝗻𝗱 𝟮𝟬𝘁𝗵 𝗼𝗳 𝗔𝗽𝗿𝗶𝗹 in Brussels Expo. Don’t miss out to learn how to enhance cyber resilience and shield your core. Registration will open soon.