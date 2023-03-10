ChatGPT is a chatbot prototype created by the OpenAI company to hold conversations with human beings and the acronym stands for Chat Generative Pre-trained Transformer, literally “generative pre-trained transformer”. Transformers are an advanced type of machine learning-based language models; in particular, ChatGPT is the evolution of an earlier model called GPT-3.5, obtained through supervised learning and reinforcement learning.

Human beings intervened in these last stages of learning the tool, who trained the model both by interacting with it and by feeding it with their own conversations. As a result of these improvements, ChatGPT provides answers that are more articulate, more relevant and more real.

The practical applications of GPT are many:

Custom chatbot

Automatic translation

Content creation and analysis

Production of news and information content

Text completion and suggestion

Speech synthesis

Text comprehension

Over the past few months, experts from all fields have come and gone putting ChatGPT to the test, and some have raised concerns about ChatGPT’s impact on cybersecurity, claiming that it can be used to create new malware and new cyberthreats for users.

For this reason, Panda Security analyzed the program, identifying 3 main cybersecurity dangers related to ChatGPT:

• E-mail di phishing: ChatGPT could be used to write emails and texts for phishing sites without the usual spelling errors that help recognize phishing attempts, also improve their style and make them more effective.

• Malicious scripts and malware: ChatGPT has a content moderation feature that meets the moral criteria of its developers but in theory, when fed with strings of malicious code, ChatGPT is able to replicate and combine them.

• Social engineering: it is potentially possible to ask ChatGPT questions and obtain information to prepare a spear phishing or social engineering attack against a person; it all depends on how much information is online and is being fed into the model.

Furthermore, given the recent notoriety of the app, cybercriminals took advantage of it by developing a campaign on social networks where they create accounts similar to OpenAI officers promoting downloads of a fictitious program as a desktop client for ChatGPT.

This program, downloaded as an executable file, apparently does not complete the installation process which instead continues in parallel without the user’s knowledge by installing a Trojan stealer, designed to steal information relating to saved accounts on various browsers, including Chrome and Firefox .

The criminals who developed this Trojan aim to steal cookies and login credentials from Facebook, TikTok and Google accounts, especially those related to companies to obtain additional sensitive information.

To protect yourself from this type of attack, as always, it is advisable to use a complete security suite such as Panda Dome capable of detecting and removing any malware present on the device. As always, this must be accompanied by the common sense of usersTo date we do not know how the use of ChatGPT will evolve, what applications it will have in companies and if and how it will be used by cybercriminals to develop new online scams. It’s safe to assume, as with previous new technology launches, that it presents a huge opportunity for cybercriminals to hack into accounts and steal users’ sensitive credentials. This is why you need to protect your devices, stay up to date on the latest IT security news and respect good online conduct rules.