Chatbots in a Botnet World
This study highlights a potential cybersecurity risk by showing how AI chatbots can be misused to automate malicious coding tasks, which is an incremental but concerning advancement in AI security threats.
The research investigated whether ChatGPT could generate code for cybersecurity attack stages, such as keyloggers and ransomware, and found it successfully produced examples for thirteen tasks in the MITRE ATT&CK framework, including self-replication and evasion techniques.
Question-and-answer formats provide a novel experimental platform for investigating cybersecurity questions. Unlike previous chatbots, the latest ChatGPT model from OpenAI supports an advanced understanding of complex coding questions. The research demonstrates thirteen coding tasks that generally qualify as stages in the MITRE ATT&CK framework, ranging from credential access to defense evasion. With varying success, the experimental prompts generate examples of keyloggers, logic bombs, obfuscated worms, and payment-fulfilled ransomware. The empirical results illustrate cases that support the broad gain of functionality, including self-replication and self-modification, evasion, and strategic understanding of complex cybersecurity goals. One surprising feature of ChatGPT as a language-only model centers on its ability to spawn coding approaches that yield images that obfuscate or embed executable programming steps or links.