• Nigerian/African Tech
  • Start Up
  • Internet
    • App
    • Mobile
    • Software
  • Gadgets
  • Money
  • Video
Tech News, Magazine & Review WordPress Theme 2017
  • Home
  • Africa
  • Business
  • Video
  • Metaverse
  • AI
  • Gadgets
  • Earnings
  • Tips
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
  • Home
  • Africa
  • Business
  • Video
  • Metaverse
  • AI
  • Gadgets
  • Earnings
  • Tips
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
TechBooky
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Home Artificial Intelligence

ChatGPT: A Tool For Offensive Cyber Operations?! Not So fast!

Femi by Femi
March 9, 2023
Share on FacebookShare on Twitter

To ChatGPT or to not ChatGPT? That is a predominant question in the cyber landscape these days. It’s no surprise that AI bots have taken society by storm. On the contrary, Meta’s FAIR, Google’s LaMDA, IBM’s Watson and Microsoft’s Cortana are all examples of different varying degrees of artificial intelligence bots.  Watson even debuted on the popular show Jeopardy in February 2011! Artificial intelligence is not a new concept; what is new is that ChatGPT is easily accessible to millions of people around the world and does not require a large fee to use. Yet, it has been hailed as something novel that may be an immediate threat as it may be utilized by cyberthreat actors to facilitate attacks.

Also On TechBooky

How To Boost A Twitter Account In 2023: One Tool That Always Works

How To Create A Stellar Buyer Persona

Microsoft 365 Copilot, An AI Solution For Word, Excel, PowerPoint And Teams

Change In Communication: Top Trends Of Telecommunication In 2023

Microsoft Spent Millions Of Dollars On A ChatGPT Supercomputer

 

Elegant malware writer or just poorly conceptualized code?

ChatGPT’s ability to write malware is limited, during its debut the internet was plagued with examples of “malware” being written by the platform. At the time of writing of this article, it is severely limited if not outright blocked.  Given the recent updates to its model and use case policy it may limit its ability to do much of anything except its designed purpose.

Figure 1: ChatGPT Limiting Malware

Attempting to force the model into writing a template that may be used for malware resulted in a basic server-client architecture. The barebone server code may be observed in Figure 2. Is it truly helpful for creating command and control implementation? No, there are other avenues of finding frameworks and repositories on the internet that are outside the scope of this article.

A potential opportunity according to Senior Principal Researcher Richard Johnson is to feed ChatGPT details from an open-source intelligence campaign on a specific target and have it draft social engineering templates. This is a better use of its current capabilities and one that potentially is already being applied in the wild.

Malware writers and defenders are in a constant “Cat and Mouse” game. New techniques are implemented at a rapid pace by advanced threat actors and defenders race to understand them. This takes deep understanding and researching of applications and operating systems internals.

Figure 2:C2 server architecture

Microsoft’s GitHub copilot facilitates code writing by using OpenAI Codex and ingesting all of GitHub public code repositories. It then goes through a prediction model and suggests code for the writer. The writer can simply add comments to the code and copilot will suggest functional code. An important distinction is that Microsoft’s copilot uses OpenAI Codex. This mode is specifically designed for code generation. ChatGPT is designed for conversational text. In comparison copilot outshines ChatGPT in an offensive tooling capability. Simply providing the given intention of the desired code copilot can suggest functional code. Given that it is being fed directly into the development environment the code can be compiled into an executable. The copilot extension is available for a multitude of programming languages. Making it versatile for targeted malware generation, still a skillful author needs to ensure proper functionality. A basic example of the using copilot may be observed in Figure 3 below.

Figure 3:Copilot

 

Conclusion

Advanced threat actors have constantly demonstrated a level of expertise and finesse needed to complete their goals. ChatGPT offered an unintentionally mediocre method for unskilled threat actors to compose poorly written malware. Take a constantly evolving adversary such as Turla, who’s capabilities have moved from using archaic PowerShell to executing their new malware Kazuar and .NET obfuscator. A well-defined adversary understands the targets footprint and capabilities which is a short coming of ChatGPT. In several test cases the malware that was created by ChatGPT was non-functional or immediately detected by Trellix security solutions, demonstrating its lack of uniqueness and creativity required in today’s evolving threat landscape. The model offered a great blueprint to help understand different methods of implementing software solutions, but it is far from being a viable product for offensive operations.

 

 

This article was written by John Borrero Rodriguez who is a Trellix Senior Offensive Security Researcher

Related Posts:

  • OpenAI Begins Pilot Of ChatGPT Premium Version
    OpenAI Begins Pilot Of ChatGPT Premium Version
  • Microsoft Spent Millions Of Dollars On A ChatGPT Supercomputer
    Microsoft Spent Millions Of Dollars On A ChatGPT…
  • Microsoft Set To Share Its Vision Of The Future Of Work With AI
    Microsoft Set To Share Its Vision Of The Future Of Work With…
  • How Google's Sparrow AI Tool Is Looking To Take On ChatGPT
    How Google's Sparrow AI Tool Is Looking To Take On ChatGPT
  • Google Unveils ChatGPT Competitor Known As Bard
    Google Unveils ChatGPT Competitor Known As Bard
  • Here Are Key Differences Between Google Search And ChatGPT
    Here Are Key Differences Between Google Search And ChatGPT
  • “It’s A New Day In Search" As Microsoft Brings "Updated" ChatGPT To Bing And Edge
    “It’s A New Day In Search" As Microsoft Brings "Updated"…
  • OpenAI Is In Talks To raise Funds That Would Value It At $29b
    OpenAI Is In Talks To raise Funds That Would Value It At…
Tags: artificial intelligenceChatGPTcybersecuritysecurity
Femi

Femi

Paul Balo is a wireless communications technologist with interests in VoIP and 5G technologies. He leads the writing team at TechBooky

BROWSE BY CATEGORIES

Receive top tech news directly in your inbox

Loading

Recent

Twitter Appoints ‘Grievance Officer’ To Comply With India’s New Rules

How To Boost A Twitter Account In 2023: One Tool That Always Works

March 20, 2023
How To Create A Stellar Buyer Persona

How To Create A Stellar Buyer Persona

March 18, 2023
Microsoft 365 Copilot, An AI Solution For Word, Excel, PowerPoint And Teams

Microsoft 365 Copilot, An AI Solution For Word, Excel, PowerPoint And Teams

March 17, 2023
The “Tech” Company Behind Pornographic Sites Like Pornhub Gets Acquired

The “Tech” Company Behind Pornographic Sites Like Pornhub Gets Acquired

March 17, 2023
Space Travel In 2021: Bezos, Branson, And The Future of Space Tourism

Space Travel In 2021: Bezos, Branson, And The Future of Space Tourism

March 17, 2023
Overwhelmed by Data: When Wearables And Digital Banks Take A Toll On Our Mental Health

Overwhelmed by Data: When Wearables And Digital Banks Take A Toll On Our Mental Health

March 16, 2023
Change In Communication: Top Trends Of Telecommunication In 2023

Change In Communication: Top Trends Of Telecommunication In 2023

March 15, 2023
Meta Is Giving Up On NFTs For Facebook And Instagram

Meta Is Giving Up On NFTs For Facebook And Instagram

March 14, 2023
Microsoft Teams Is Rolling Out 3D Avatars In May.

Microsoft Teams Is Rolling Out 3D Avatars In May.

March 14, 2023
Microsoft Spent Millions Of Dollars On A ChatGPT Supercomputer

Microsoft Spent Millions Of Dollars On A ChatGPT Supercomputer

March 14, 2023

Browse Archives

March 2023
M T W T F S S
 12345
6789101112
13141516171819
20212223242526
2728293031  
« Feb    

About Us

TechBooky

TechBooky is a social Tech blog with a special focus on the budding African Technology sector. TechBooky is currently based in Abuja, Nigeria.

Subscribe to TechBooky

Enter your email address to subscribe to TechBooky and receive notifications of new posts by email.

Join 17,655 other subscribers.

Receive top tech news directly in your inbox

Loading

Popular Tags

AI (266) amazon (95) android (286) app (616) Apple (476) artificial intelligence (281) business (356) china (114) cloud (135) cryptocurrency (159) ecommerce (110) enterprise (243) facebook (473) gadget (454) gaming (160) google (552) government (385) guest post (109) instagram (138) internet (357) ios (249) iphone (211) microsoft (266) mobile (285) new feature (295) nigeria (279) privacy (136) research (134) samsung (142) security (378) smartphone (240) social media (679) software (420) startup (271) streaming (141) telecom (159) tips (346) transport (105) twitter (220) united states (193) users (137) videos (115) website (162) whatsapp (130) youtube (108)

Quick Links

  • Home
  • Africa
  • Business
  • Video
  • Metaverse
  • AI
  • Gadgets
  • Earnings
  • Tips

Popular Post

  • Trending
  • Comments
  • Latest
Download Free Editable Resume Templates – Word / Docx – 2022

Download Free Editable Resume Templates – Word / Docx – 2022

July 25, 2022
The Best Free PC Games

The Best Free PC Games

July 29, 2022
Recover Permanently Deleted Emails From iCloud Manually

Recover Permanently Deleted Emails From iCloud Manually

March 5, 2022
How is Technology Changing Our Definition of What It Means to Be a Human?

How is Technology Changing Our Definition of What It Means to Be a Human?

April 1, 2018
Microsoft 365 Copilot, An AI Solution For Word, Excel, PowerPoint And Teams

Microsoft 365 Copilot, An AI Solution For Word, Excel, PowerPoint And Teams

March 17, 2023
How Can We Unlock VBA Project Password Without Hex Editor?

How Can We Unlock VBA Project Password Without Hex Editor?

December 23, 2020
Twitter Appoints ‘Grievance Officer’ To Comply With India’s New Rules

How To Boost A Twitter Account In 2023: One Tool That Always Works

March 20, 2023
How To Create A Stellar Buyer Persona

How To Create A Stellar Buyer Persona

March 18, 2023
Microsoft 365 Copilot, An AI Solution For Word, Excel, PowerPoint And Teams

Microsoft 365 Copilot, An AI Solution For Word, Excel, PowerPoint And Teams

March 17, 2023
The “Tech” Company Behind Pornographic Sites Like Pornhub Gets Acquired

The “Tech” Company Behind Pornographic Sites Like Pornhub Gets Acquired

March 17, 2023
Space Travel In 2021: Bezos, Branson, And The Future of Space Tourism

Space Travel In 2021: Bezos, Branson, And The Future of Space Tourism

March 17, 2023
Overwhelmed by Data: When Wearables And Digital Banks Take A Toll On Our Mental Health

Overwhelmed by Data: When Wearables And Digital Banks Take A Toll On Our Mental Health

March 16, 2023

Recent News

Twitter Appoints ‘Grievance Officer’ To Comply With India’s New Rules

How To Boost A Twitter Account In 2023: One Tool That Always Works

March 20, 2023
How To Create A Stellar Buyer Persona

How To Create A Stellar Buyer Persona

March 18, 2023
Microsoft 365 Copilot, An AI Solution For Word, Excel, PowerPoint And Teams

Microsoft 365 Copilot, An AI Solution For Word, Excel, PowerPoint And Teams

March 17, 2023
The “Tech” Company Behind Pornographic Sites Like Pornhub Gets Acquired

The “Tech” Company Behind Pornographic Sites Like Pornhub Gets Acquired

March 17, 2023
Space Travel In 2021: Bezos, Branson, And The Future of Space Tourism

Space Travel In 2021: Bezos, Branson, And The Future of Space Tourism

March 17, 2023
Overwhelmed by Data: When Wearables And Digital Banks Take A Toll On Our Mental Health

Overwhelmed by Data: When Wearables And Digital Banks Take A Toll On Our Mental Health

March 16, 2023
  • About TechBooky
  • Submit Article
  • Advertise Here
  • Contact us
  • Privacy Policy
  • Disclaimer
  • Login

© 2021 Design By Tech Booky Elite

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
  • Home
  • Africa
  • Business
  • Video
  • Metaverse
  • AI
  • Gadgets
  • Earnings
  • Tips

© 2021 Design By Tech Booky Elite