• Nigerian/African Tech
  • Start Up
  • Internet
    • App
    • Mobile
    • Software
  • Gadgets
  • Money
  • Video
Tech News, Magazine & Review WordPress Theme 2017
  • Home
  • Africa
  • Business
  • Video
  • Metaverse
  • AI
  • Gadgets
  • Earnings
  • Tips
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
  • Home
  • Africa
  • Business
  • Video
  • Metaverse
  • AI
  • Gadgets
  • Earnings
  • Tips
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
TechBooky
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Home Artificial Intelligence

ChatGPT: A Tool For Offensive Cyber Operations?! Not So fast!

Femi by Femi
March 9, 2023
Share on FacebookShare on Twitter

To ChatGPT or to not ChatGPT? That is a predominant question in the cyber landscape these days. It’s no surprise that AI bots have taken society by storm. On the contrary, Meta’s FAIR, Google’s LaMDA, IBM’s Watson and Microsoft’s Cortana are all examples of different varying degrees of artificial intelligence bots.  Watson even debuted on the popular show Jeopardy in February 2011! Artificial intelligence is not a new concept; what is new is that ChatGPT is easily accessible to millions of people around the world and does not require a large fee to use. Yet, it has been hailed as something novel that may be an immediate threat as it may be utilized by cyberthreat actors to facilitate attacks.

Also On TechBooky

LimeWire’s Unexpected Transformation From Music Piracy To Generative AI

Google’s Bard Gets Big Changes, Now Connects To Gmail And Other Services

MGM Resorts’ Wake-Up Call From Scattered Spider Hackers

ChatGPT Parent OpenAI Rakes In About $80m Monthly, On Track For $1b In 12 Months

ChatGPT Tried Being A Doctor, It Was 72% Accurate

 

Elegant malware writer or just poorly conceptualized code?

ChatGPT’s ability to write malware is limited, during its debut the internet was plagued with examples of “malware” being written by the platform. At the time of writing of this article, it is severely limited if not outright blocked.  Given the recent updates to its model and use case policy it may limit its ability to do much of anything except its designed purpose.

Figure 1: ChatGPT Limiting Malware

Attempting to force the model into writing a template that may be used for malware resulted in a basic server-client architecture. The barebone server code may be observed in Figure 2. Is it truly helpful for creating command and control implementation? No, there are other avenues of finding frameworks and repositories on the internet that are outside the scope of this article.

A potential opportunity according to Senior Principal Researcher Richard Johnson is to feed ChatGPT details from an open-source intelligence campaign on a specific target and have it draft social engineering templates. This is a better use of its current capabilities and one that potentially is already being applied in the wild.

Malware writers and defenders are in a constant “Cat and Mouse” game. New techniques are implemented at a rapid pace by advanced threat actors and defenders race to understand them. This takes deep understanding and researching of applications and operating systems internals.

Figure 2:C2 server architecture

Microsoft’s GitHub copilot facilitates code writing by using OpenAI Codex and ingesting all of GitHub public code repositories. It then goes through a prediction model and suggests code for the writer. The writer can simply add comments to the code and copilot will suggest functional code. An important distinction is that Microsoft’s copilot uses OpenAI Codex. This mode is specifically designed for code generation. ChatGPT is designed for conversational text. In comparison copilot outshines ChatGPT in an offensive tooling capability. Simply providing the given intention of the desired code copilot can suggest functional code. Given that it is being fed directly into the development environment the code can be compiled into an executable. The copilot extension is available for a multitude of programming languages. Making it versatile for targeted malware generation, still a skillful author needs to ensure proper functionality. A basic example of the using copilot may be observed in Figure 3 below.

Figure 3:Copilot

 

Conclusion

Advanced threat actors have constantly demonstrated a level of expertise and finesse needed to complete their goals. ChatGPT offered an unintentionally mediocre method for unskilled threat actors to compose poorly written malware. Take a constantly evolving adversary such as Turla, who’s capabilities have moved from using archaic PowerShell to executing their new malware Kazuar and .NET obfuscator. A well-defined adversary understands the targets footprint and capabilities which is a short coming of ChatGPT. In several test cases the malware that was created by ChatGPT was non-functional or immediately detected by Trellix security solutions, demonstrating its lack of uniqueness and creativity required in today’s evolving threat landscape. The model offered a great blueprint to help understand different methods of implementing software solutions, but it is far from being a viable product for offensive operations.

 

 

This article was written by John Borrero Rodriguez who is a Trellix Senior Offensive Security Researcher

Tags: artificial intelligenceChatGPTcybersecuritysecurity
Femi

Femi

Paul Balo is a wireless communications technologist with interests in VoIP and 5G technologies. He leads the writing team at TechBooky

BROWSE BY CATEGORIES

Freshly Squeezed

  • LimeWire’s Unexpected Transformation From Music Piracy To Generative AI September 20, 2023
  • The iPad Is Finally Getting The WhatsApp App – Sort Of September 20, 2023
  • Elon Musk’s Neuralink Gets Green Light For First Human Trial for Brain Implant September 20, 2023
  • iPhone 15 vs. Top Competitors: A Comprehensive Comparison September 19, 2023
  • Elon Musk Says X Is Moving Towards Subscription Fees September 19, 2023
  • Google’s Bard Gets Big Changes, Now Connects To Gmail And Other Services September 19, 2023

RSS More from TechBooky Africa

  • The Best Android Smartwatches of 2023.  September 13, 2023 Eni Emeka
  • “Crypto vs. Taxes” — The Blockchain Association of Kenya Takes on the Government. September 2, 2023 Eni Emeka
  • Chargel Is A Catalyst for Transformation in Cote d’Ivoire’s Energy Landscape. September 2, 2023 Eni Emeka
  • Black Ostrich Ventures’ $20m Equity Funding for Pre-Seed & Other Early-Staged Start-Up Investment Grant. September 1, 2023 Eni Emeka
  • MTN Nigeria Commercial Paper Deal Impact The Gravity Of Adequate Working Capital Equity For Businesses & The Industry. August 31, 2023 Eni Emeka
  • Airtel Uganda Projectile IPO Estimated Worth, Hovers At $215 Million & Above. August 31, 2023 Eni Emeka
  • Bank of Ghana Issued Eganow Operational ePayment Service License, …is Disrupting The Country’s FinTech Industry. August 30, 2023 Eni Emeka
  • Plural AI Opens Shop In South Africa & Nigeria To Track Public Policies. August 30, 2023 Eni Emeka
  • TymeBank is Making Banking More Affordable and Convenient With “Zero Transaction Fee” Via “PayShap” August 30, 2023 Eni Emeka
  • HIGHLIGHTS — Techcrunch Disrupt Equity Battlefield Got Start-ups Pitching Innovative Tech Solutions Per Africa’s Biggest Challenger. August 30, 2023 Eni Emeka

Receive top tech news directly in your inbox

Loading

RSS More from TechBooky Business

  • Instacart’s Strong Nasdaq Debut Sees 12% Stock Surge At Closing Yesterday September 20, 2023 Femi Balo
  • DoorDash To Move Listing from NYSE to Nasdaq September 15, 2023 Femi Balo
  • Arm Holdings Gains Continue On Nasdaq Debut Week September 15, 2023 Femi Balo
  • Oracle Faces Investor Concerns as Q1 Earnings Disappoint September 15, 2023 Femi Balo
  • HP Faces Investor Concerns as Q3 Earnings Fall Short of Expectations September 2, 2023 Femi Balo
  • Klarna Shows Strong Progress Toward Profitability With A 67% Reduction In Losses September 2, 2023 Femi Balo
  • Salesforce Surpasses Expectations With Strong Quarterly Earnings September 2, 2023 Femi Balo
  • OpenAI On Track To Make $1b In Revenue In 12 Months August 30, 2023 Femi Balo
  • BYD’s Remarkable Profit Surge and Electric Vehicle Triumph August 29, 2023 Femi Balo
  • Baidu Reported A Strong Q2 Performance August 29, 2023 Femi Balo

Browse Archives

September 2023
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  
« Aug    

About Us

TechBooky

TechBooky is a social Tech blog with a special focus on the budding African Technology sector. TechBooky is currently based in Abuja, Nigeria.

Subscribe to TechBooky

Enter your email address to subscribe to TechBooky and receive notifications of new posts by email.

Join 17,656 other subscribers.

Receive top tech news directly in your inbox

Loading

Popular Tags

AI (307) amazon (96) android (304) app (664) Apple (500) artificial intelligence (332) business (419) china (117) cloud (141) cryptocurrency (164) ecommerce (112) enterprise (257) facebook (482) gadget (498) gaming (177) google (579) government (403) guest post (109) instagram (147) internet (387) ios (262) iphone (220) microsoft (282) mobile (321) new feature (329) nigeria (282) privacy (146) research (134) samsung (153) security (387) smartphone (257) social media (716) software (460) startup (272) streaming (149) telecom (159) tips (351) transport (109) twitter (250) united states (205) users (157) videos (116) website (166) whatsapp (136) youtube (110)

Quick Links

  • Home
  • Africa
  • Business
  • Video
  • Metaverse
  • AI
  • Gadgets
  • Earnings
  • Tips

RSS African Tech News

  • The Best Android Smartwatches of 2023.  September 13, 2023 Eni Emeka
  • “Crypto vs. Taxes” — The Blockchain Association of Kenya Takes on the Government. September 2, 2023 Eni Emeka
  • Chargel Is A Catalyst for Transformation in Cote d’Ivoire’s Energy Landscape. September 2, 2023 Eni Emeka
  • Black Ostrich Ventures’ $20m Equity Funding for Pre-Seed & Other Early-Staged Start-Up Investment Grant. September 1, 2023 Eni Emeka
  • MTN Nigeria Commercial Paper Deal Impact The Gravity Of Adequate Working Capital Equity For Businesses & The Industry. August 31, 2023 Eni Emeka
  • Airtel Uganda Projectile IPO Estimated Worth, Hovers At $215 Million & Above. August 31, 2023 Eni Emeka
  • Bank of Ghana Issued Eganow Operational ePayment Service License, …is Disrupting The Country’s FinTech Industry. August 30, 2023 Eni Emeka
  • Plural AI Opens Shop In South Africa & Nigeria To Track Public Policies. August 30, 2023 Eni Emeka
  • TymeBank is Making Banking More Affordable and Convenient With “Zero Transaction Fee” Via “PayShap” August 30, 2023 Eni Emeka
  • HIGHLIGHTS — Techcrunch Disrupt Equity Battlefield Got Start-ups Pitching Innovative Tech Solutions Per Africa’s Biggest Challenger. August 30, 2023 Eni Emeka

RSS Business Tech News

  • Instacart’s Strong Nasdaq Debut Sees 12% Stock Surge At Closing Yesterday September 20, 2023 Femi Balo
  • DoorDash To Move Listing from NYSE to Nasdaq September 15, 2023 Femi Balo
  • Arm Holdings Gains Continue On Nasdaq Debut Week September 15, 2023 Femi Balo
  • Oracle Faces Investor Concerns as Q1 Earnings Disappoint September 15, 2023 Femi Balo
  • HP Faces Investor Concerns as Q3 Earnings Fall Short of Expectations September 2, 2023 Femi Balo
  • Klarna Shows Strong Progress Toward Profitability With A 67% Reduction In Losses September 2, 2023 Femi Balo
  • Salesforce Surpasses Expectations With Strong Quarterly Earnings September 2, 2023 Femi Balo
  • OpenAI On Track To Make $1b In Revenue In 12 Months August 30, 2023 Femi Balo
  • BYD’s Remarkable Profit Surge and Electric Vehicle Triumph August 29, 2023 Femi Balo
  • Baidu Reported A Strong Q2 Performance August 29, 2023 Femi Balo

Recent News

LimeWire’s Unexpected Transformation From Music Piracy To Generative AI

LimeWire’s Unexpected Transformation From Music Piracy To Generative AI

September 20, 2023
WhatsApp Will Now Allow Improved Preview For Documents

The iPad Is Finally Getting The WhatsApp App – Sort Of

September 20, 2023
Elon Musk’s Neuralink Gets Green Light For First Human Trial for Brain Implant

Elon Musk’s Neuralink Gets Green Light For First Human Trial for Brain Implant

September 20, 2023
iPhone 15 vs. Top Competitors: A Comprehensive Comparison

iPhone 15 vs. Top Competitors: A Comprehensive Comparison

September 19, 2023
Elon Musk Says X Is Moving Towards Subscription Fees

Elon Musk Says X Is Moving Towards Subscription Fees

September 19, 2023
Google’s Bard Gets Big Changes, Now Connects To Gmail And Other Services

Google’s Bard Gets Big Changes, Now Connects To Gmail And Other Services

September 19, 2023
  • About TechBooky
  • Submit Article
  • Advertise Here
  • Contact us
  • Privacy Policy
  • Disclaimer
  • Login

© 2021 Design By Tech Booky Elite

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
  • Home
  • Africa
  • Business
  • Video
  • Metaverse
  • AI
  • Gadgets
  • Earnings
  • Tips

© 2021 Design By Tech Booky Elite