Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
April 12, 2023
2 Min Read
PRESS RELEASE
MIAMI, April 12, 2023 /PRNewswire/ -- Network Assured has reported that data leaks, phishing scams and malware infections attributable to ChatGPT are on the rise. The report tracks the most significant cybersecurity breaches in which ChatGPT has been involved and has found almost two new events of concern each week through March and April 2023.
March Saw OpenAI's First Major Data Leak
As many as 1.2% of ChatGPT users during a particular session in March may have had their payment details exposed to the public. While the bug that caused the leak was quickly fixed, the leak's impact on credit card fraud and identity theft may not be known for months.
3 New ChatGPT-linked Security Events in First Two Weeks of April
In April alone, the report found: ChatGPT was involved in a major data leak at Samsung, where staff members uploaded sensitive information that included source code from defective equipment and the transcripts of private meetings.
The report also revealed:
A 135% increase in novel phishing attacks: Hackers are using tools like ChatGPT to create more convincing phishing emails using sophisticated language that matches the target organization.
Fake browser plugins posing as ChatGPT deployed malware to as many as 2,000 people per day over a 6 day period in March.
Scammers Impersonated OpenAI to promote a fake Defi token with a phishing email campaign.
Dark web forum users are distributing scripts that allow malicious actors to bypass ChatGPTs illegal content filters and create new Malware.
11% of what company employees paste into ChatGPT during the course of work, was sensitive company information.
Researchers Use ChatGPT to Create Undetectable Zero Day Virus
Documenting additional cybersecurity risks, the report highlights the first case of ChatGPT creating a Zero Day virus, with undetectable exfiltration, that successfully passed a virus scan.
The virus was made by a novice developer, using only prompts from ChatGPT. In his worrying conclusion, the developer noted that "this kind of end to end, very advanced attack has previously been reserved for nation state attackers."
A.I. Tools Are Fighting Cybercrime Too
Fortunately, A.I. tools are also being used to detect and prevent cyberattacks at an increasing rate. The report cites evidence from January 2023 indicating that AI-based security tools stopped over 1.7 million malware attacks within a 90 day period.
To see the complete set of leaks, phishing attempts and malware attacks and cyber risks attributable to ChatGPT, including a full breakdown of the largest healthcare breaches by records stolen, and damage incurred, with full color charts, please see the report here.
About Network Assured
Network Assured is a free, independent advisory that helps businesses price cybersecurity services, perform due diligence, and find better vendors. Learn more at www.NetworkAssured.com.
You May Also Like
More Insights
Webinars
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Events
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024
