Kaspersky explores potential cyber threats on the dark web
In 2023, Kaspersky’s Digital Footprint Intelligence service uncovered a significant number of dark web posts discussing the illicit use of AI language models, particularly ChatGPT. The service detected close to 3000 posts on the dark web related to the misuse of ChatGPT and AI technologies, with discussions peaking in March but persisting throughout the year.
Alisa Kulishenko, a digital footprint analyst at Kaspersky, highlighted the active exploration of various schemes to implement ChatGPT and AI for nefarious purposes. These discussions often revolved around developing malware, processing stolen user data, and parsing files from infected devices using language models. The popularity of AI tools has also led to the integration of automated responses from ChatGPT into cybercriminal forums, as well as the sharing of jailbreaks and the exploitation of legitimate tools for malicious purposes.
Moreover, attention is being given to alternative language models, such as XXXGPT and FraudGPT, which are marketed on the dark web as enhanced versions of ChatGPT with additional functionality and no limitations.
Another concerning development is the market for stolen ChatGPT accounts, with an additional 3000 posts advertising these accounts for sale on the dark web and shadow Telegram channels. These posts either distribute stolen accounts or promote auto-registration services that create accounts on request, posing a potential threat to both users and companies.
While AI tools themselves are not inherently dangerous, cybercriminals are actively seeking efficient ways to utilize language models to lower the entry barrier into cybercrime and potentially increase the number of cyberattacks. Kulishenko emphasized the importance of staying informed about attackers’ activities to remain ahead of adversaries in terms of corporate cybersecurity.
In response to these cyber threats, Kaspersky recommends implementing security measures such as using the Digital Footprint Intelligence service to explore potential attack vectors and staying informed about existing threats from cybercriminals. Additionally, Kaspersky advises using reliable endpoint security solutions with behavior-based detection and anomaly control capabilities, as well as dedicated services like Managed Detection and Response and Incident Response to combat high-profile attacks and minimize their consequences.
The detailed research on these cyber threats is available on the official Kaspersky Digital Footprint Intelligence website. By staying informed and implementing the recommended security measures, individuals and organizations can protect themselves from the potential risks associated with cybercriminal activities on the dark web.