OpenAI bans ChatGPT accounts linked to Russian, Chinese hackers: what’s at stake?

OpenAI has taken decisive action by banning ChatGPT accounts tied to sophisticated Russian and Chinese hacking groups, including Bronze Fleetwood and Nylon Typhoon. These groups exploited AI to develop malware, automate social media manipulation, and research cyberattack tools, raising urgent questions about AI misuse and cybersecurity defenses.

Sources: The Hacker News
OpenAI has taken decisive action by banning ChatGPT accounts linked to Russian and Chinese hacking groups engaged in cyber espionage and malicious software development.

The Russian-speaking threat actors used temporary email accounts to create multiple ChatGPT accounts, each employed for a single conversation aimed at making incremental improvements to malware. This tactic highlights the evolving use of AI tools in cybercrime.

"The threat actor, per OpenAI, used temporary email accounts to sign up for ChatGPT, using each of the created accounts to have one conversation to make a single incremental improvement to their malicious software."

Chinese nation-state groups, including those known as Bronze Fleetwood, Keyhole Panda, Manganese, UNC2630, Flea, Nylon Typhoon, Playful Taurus, Royal APT, and Vixen Panda, exploited ChatGPT for a range of cyber operations. These included developing brute-force scripts to breach FTP servers, researching automation of penetration testing using large language models (LLMs), and managing Android device fleets to automate social media manipulation across platforms like Facebook, Instagram, TikTok, and X.

"The China-linked clusters weaponized ChatGPT to work on a brute-force script that can break into FTP servers, research about using large-language models (LLMs) to automate penetration testing, and develop code to manage a fleet of Android devices to programmatically post or like content on social media platforms like Facebook, Instagram, TikTok, and X."

OpenAI's intervention underscores the growing concern over AI's dual-use potential, where advanced tools can be harnessed for both innovation and cyber threats. While the company noted no evidence of widespread activity, the targeted nature of these operations reveals a sophisticated approach to leveraging AI in cyber warfare.

"The Go-based malware campaign has been codenamed ScopeCreep by the artificial intelligence (AI) company. There is no evidence that the activity was widespread in nature."

This development raises critical questions about the security and ethical implications of AI platforms and the ongoing battle to prevent their misuse by hostile actors.
OpenAI has banned ChatGPT accounts linked to Russian and Chinese hackers involved in malware development, social media automation, and U.S. satellite communications research. The Chinese groups, including Bronze Fleetwood and UNC2630, used ChatGPT for brute-force FTP attacks and automating penetration testing, while Russian actors made incremental malware improvements.
OpenAI has banned a set of ChatGPT accounts that were likely operated by Russian-speaking threat actors and two Chinese nation-state hacking groups to assist with malware development, social media automation, and research about U.S. satellite communications technologies.
OpenAI spokesperson
The Hacker News
Key Facts
  • OpenAI banned ChatGPT accounts linked to Russian-speaking threat actors and two Chinese nation-state hacking groups to prevent misuse for malware development and cyber research. (The Hacker News)
  • The Russian-speaking threat actors used temporary email accounts to create ChatGPT accounts, each used for a single conversation to incrementally improve their malicious software. (The Hacker News)
  • Chinese-linked hacking groups, including those codenamed Bronze Fleetwood, Keyhole Panda, Manganese, UNC2630, Flea, Nylon Typhoon, Playful Taurus, Royal APT, and Vixen Panda, were identified by OpenAI. (The Hacker News)
  • These China-linked groups used ChatGPT to develop a brute-force FTP script, research LLM-based automated penetration testing tools, and create code to manage Android devices for social media automation on platforms like Facebook, Instagram, TikTok, and X. (The Hacker News)
  • OpenAI publicly disclosed the ban and detailed the hacking groups’ codenames and activities to raise awareness about the misuse of AI tools. (The Hacker News)
  • The Go-based malware campaign linked to these actors has been codenamed ScopeCreep by OpenAI, with no evidence of widespread activity. (The Hacker News)
Key Stats at a Glance
  • Number of Chinese hacking group codenames listed: 9 groups (The Hacker News)
  • Number of conversations per ChatGPT account used by threat actors: 1 conversation (The Hacker News)