VERY IMPORTANT

OpenAI has disrupted over 20 malicious cyber operations abusing ChatGPT for various purposes, including malware development and spear-phishing attacks. The company confirmed cases involving Chinese and Iranian threat actors. SweetSpecter, a Chinese group, targeted OpenAI employees with phishing emails and used ChatGPT for reconnaissance and social engineering. CyberAv3ngers, an Iranian group, utilized the AI tool for developing scripts, planning post-compromise activities, and exploiting vulnerabilities. Another Iranian group, Storm-0817, employed ChatGPT to create Android malware and supporting infrastructure. These cases demonstrate that generative AI tools can enhance offensive cyber operations, particularly for low-skilled actors, across all stages of an attack.