Network Assured Report Reveals ChatGPT Already Involved in Data Leaks, Phishing Scams & Malware Infections

Network Assured Report Reveals ChatGPT Already Involved in Data Leaks, Phishing Scams & Malware Infections

Network Assured has reported that data leaks, phishing scams and malware infections attributable to ChatGPT are on the rise. The report tracks the most significant cybersecurity breaches in which ChatGPT has been involved and has found almost two new events of concern each week through March and April 2023.

March Saw OpenAI’s First Major Data Leak

As many as 1.2% of ChatGPT users during a particular session in March may have had their payment details exposed to the public. While the bug that caused the leak was quickly fixed, the leak’s impact on credit card fraud and identity theft may not be known for months.

Marketing Technology News: MarTech Interview with Liviu Tanase, CEO at ZeroBounce

3 New ChatGPT-linked Security Events in First Two Weeks of April

In April alone, the report found:

ChatGPT was involved in a major data leak at Samsung, where staff members uploaded sensitive information that included source code from defective equipment and the transcripts of private meetings.

The report also revealed:

  • A 135% increase in novel phishing attacks: Hackers are using tools like ChatGPT to create more convincing phishing emails using sophisticated language that matches the target organization.
  • Fake browser plugins posing as ChatGPT deployed malware to as many as 2,000 people per day over a 6 day period in March.
  • Scammers Impersonated OpenAI to promote a fake Defi token with a phishing email campaign.
  • Dark web forum users are distributing scripts that allow malicious actors to bypass ChatGPTs illegal content filters and create new Malware.
  • 11% of what company employees paste into ChatGPT during the course of work, was sensitive company information.

Researchers Use ChatGPT to Create Undetectable Zero Day Virus

Documenting additional cybersecurity risks, the report highlights the first case of ChatGPT creating a Zero Day virus, with undetectable exfiltration, that successfully passed a virus scan.

The virus was made by a novice developer, using only prompts from ChatGPT. In his worrying conclusion, the developer noted that “this kind of end to end, very advanced attack has previously been reserved for nation state attackers.”

A.I. Tools Are Fighting Cybercrime Too

Fortunately, A.I. tools are also being used to detect and prevent cyberattacks at an increasing rate. The report cites evidence from January 2023 indicating that AI-based security tools stopped over 1.7 million malware attacks within a 90 day period.

To see the complete set of leaks, phishing attempts and malware attacks and cyber risks attributable to ChatGPT, including a full breakdown of the largest healthcare breaches by records stolen, and damage incurred, with full color charts.

Marketing Technology News: Five Questions Every AdTech Company Needs to Ask Before Sharing a Dataset

Picture of PRNewswire

PRNewswire

PR Newswire, a Cision company, is the premier global provider of multimedia platforms and distribution that marketers, corporate communicators, sustainability officers, public affairs and investor relations officers leverage to engage key audiences. Having pioneered the commercial news distribution industry over 60 years ago, PR Newswire today provides end-to- end solutions to produce, optimize and target content -- and then distribute and measure results. Combining the world's largest multi-channel, multi-cultural content distribution and optimization network with comprehensive workflow tools and platforms, PR Newswire powers the stories of organizations around the world. PR Newswire serves tens of thousands of clients from offices in the Americas, Europe, Middle East, Africa and Asia-Pacific regions.