Digital Forensics Dispatch

Bad Actors Using AI to Mack and Create Malware?!

January 24, 2023

Artificial intelligence, or AI, has been all over the news lately, but as digital forensic examiners a recent article by Danny Palmer on ZDnet.com stood out. The article highlights how the AI chat-bot, ChatGPT appears to be in use by hackers to script code for malicious software.

A product of the Company OpenAI, ChatGPT is an AI tool that is designed to process normal language and interact with people in a conversational manner.

For instance, you could type “How do I (fill in the blank)?” and in short order ChatGPT would respond with a descriptive answer to your question. You could even ask it to write you a poem about your topic of choice, as our company president did for a recent podcast, and it will reply with a few verses. While the potential use cases seem broad, it could clearly be used to assist with tasks like responding to emails, writing papers and creating code.

ChatGPT’s ablity to assist with writing harmful code has already been documented by cybersecurity researchers at the cybersecurity software company Check Point. ZDNet quoted the researchers as stating “Threat actors with very low technical knowledge – up to zero tech knowledge – could be able to create malicious tools. It could also make the day-to-day operations of sophisticated cybercriminals much more efficient and easier.”

For their part, OpenAI’s terms of services literally ban the use of ChatGPT to create malware, and for cybercrime in general. Numerous reports from hacking forums seem to paint a different picture though, with posts detailing early tests and even successful malicious code and malware generation. This will be a quickly evolving topic and we will be keeping an eye on how AI is impacting malware/spyware and digital forensics in general.

Email:    Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensic