ChatGPT can be used to create malware invisible to antiviruses

[ad_1]

The researchers of CyberArk have shown how it is possible use ChatGPT to create advanced malware he’s able to evade defenses of common cybersecurity solutions. In a long item on its blog, the company shows how it is quite easy to evade AI filters to force it to write malicious code that can be easily used in sophisticated attacks.

ChatGPT as a malware generator

CyberArk points out that ChatGPT has a stringent content policy and that there are filters that prevent the AI ​​from generating malicious code, complete with warnings inviting you to “employ a more ethical and safer approach”. Simply insist and use a commanding toneHowever, to easily force the AI ​​to bypass these blocks and generate code that can be used for malicious purposes.

But it doesn’t end there. The researchers write that “One of the cool things is that we can use ChatGPT to mutate this code, so we can create multiple variations of the same code. […] In other words, we can change the output at will, making it unique every time.” This means that it is possible create unique code for each userendering traditional signature-based defense systems useless.

The particularly interesting aspect is that it is possible to use this technique for avoid detection by antimalware solutions (in which we also include EDR systems) by building so-called “loaders”, i.e. apparently harmless programs whose purpose is to download generated code from ChatGPT through the appropriate API made available by the service. This code is then executed on the victim machine and is the actually harmful component, which however is not contained within the executable file and is therefore ignored by most security solutions.

With the method shown by CyberArk it is possible easily and quickly build a rather effective ransomware and able to avoid most wards. “Using ChatGPT’s ability to generate various persistence techniques, anti-VM modules, and others payloads malicious, the possibilities for developing malware are manifold.”

The report concludes with a caveat: “It is important to remember that this is not just a hypothetical scenario, but a very real problem. This is a constantly evolving field and as such, it is essential to stay informed and vigilant.”

.

[ad_2]

Source link

Shiv

Leave a Reply

Your email address will not be published. Required fields are marked *