Last week Check Point Research (CPR) warned that cybercriminals are starting to use ChatGPT to create malware, an automatic encryption tool and to create scripts for a dark web marketplace. Now CPR is seeing more dark web activity – even in countries that are not supported by OpenAI. Russian cybercriminals have figured out how to use ChatGPT for their nefarious purposes. CPR expects them to leverage ChatGPT to make their malware development process more efficient and reduce the required initial investment for cybercrime.
How did they access ChatGPT?
According to the cybercriminals, for unsupported countries like Russia, the access to ChatGPT is limited by three main parameters:
- IP address
- Phone number
- Payment cards (for upgraded version of ChatGPT with API access, users must pay with payment card)
Note: All the below screenshots were originally in Russian.
First, CPR saw a Russian cybercriminal asking for advice for accessing OpenAI’s API, noting they are having trouble purchasing access with a Russian payment card and asking for help using a stolen payment card.
Then on a Russian underground Russian forum, CPR found a thread discussing how to use ChatGPT to write malware and a discussion on how to bypass OpenAI’s geographical controls. Cybercriminals also mentioned that various online SMS services can allow them to bypass OpenAI’s phone verification for 6 rubles (around $0.09).
Finally, CPR found multiple tutorials in Russian on semi-legal SMS text messaging services on how to use them to register for ChatGPT. Those allow receiving SMS messages to a phone number of a required country and are usually used to bypass limitations on registrations to different online services.
CPR also confirmed examples that this technique is being used.