ChatGPT is dark web’s ‘hottest topic’ as criminals look to weaponise AI

Hackers want to take ‘complete control’ of artificial intelligence tool, warns cyber expert

Anthony Cuthbertson
Thursday 02 March 2023 14:42 GMT
Comments
ChatGPT from OpenAI launched in November 2022
ChatGPT from OpenAI launched in November 2022 (Getty Images/ iStock)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Discussions about ChatGPT have begun to flood forums on the dark web as hackers seek ways to exploit the AI chatbot, according to cyber security researchers.

The number of new posts about ChatGPT on the dark web – a section of the internet unreachable through conventional web browsers – grew seven-fold between January and February, while threads rose in popularity by 145 per cent.

Security firm NordVPN, which conducted the analysis, described the exploitation of ChatGPT as “the dark web’s hottest topic”.

Among the subjects discussed on the forums are ways to make the artificial intelligence create malware, how to hack ChatGPT, and methods for using it to carry out cyber attacks.

A separate report from cyber safety company Norton warned that criminals could be drawn to the advanced chatbot for its ability to produce responses that can appear indistinguishable to a human.

One potential form of attack using the AI software is known as phishing, whereby targets are tricked into revealing personal information that could compromise their online accounts.

Hackers have been seeking ways to get the AI to carry out such attacks, overcoming barriers put in place by ChatGPT’s creator OpenAI.

The AI research firm claims its technology is “trained to decline inappropriate requests”, however certain vulnerabilities have previously been exposed that allowed users to produce basic malware.

“Chatbots like ChatGPT can make our lives easier in many ways, like performing mundane written tasks, summarising complex subjects or suggesting a holiday itinerary. For cyber criminals, however, the revolutionary AI can be the missing piece of the puzzle for a number of scams,” said Marijus Briedis, a cyber security expert at NordVPN.

“Worryingly, in the last month discussions on the dark web have evolved from simple ‘cheats’ and workarounds – designed to encourage ChatGPT to do something funny or unexpected – into taking complete control of the tool and weaponising it.”

ChatGPT is currently the fastest growing app in the world, reaching 100 million users worldwide within the first two months of its launch.

More than three months after its launch, its popularity continues to grow. Traffic to the chatbot rose 83 per cent in February, reaching around 45 million daily visits, according to figures from data intelligence platform Similarweb.

“In 20 years following the internet space, we cannot recall a faster ramp in a consumer internet app,” UBS analysts wrote in a note in January.

By comparison, it took TikTok nine months following its global launch to reach a similar audience, and Instagram more than 2.5 years.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in