ChatGPT Misuse by Nation-State Actors for Malware Development and Influence Operations

First reported

08.10.2025 10:16

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

OpenAI has disrupted three activity clusters misusing its ChatGPT AI tool for cyberattacks. These clusters include Russian, North Korean, and Chinese threat actors who used ChatGPT to develop malware, conduct phishing campaigns, and engage in influence operations. The Russian threat actor developed a remote access trojan (RAT) and credential stealer, while the North Korean group created malware and command-and-control (C2) infrastructure. The Chinese group, UNK_DropPitch, generated phishing content and tooling for routine tasks. Additionally, OpenAI blocked accounts used for scams, influence operations, and surveillance, including networks from Cambodia, Myanmar, Nigeria, and individuals linked to Chinese government entities.

Timeline

08.10.2025 10:16 1 articles · 4h ago

OpenAI Disrupts Nation-State Actors Misusing ChatGPT for Cyberattacks
OpenAI has disrupted three activity clusters misusing its ChatGPT AI tool for cyberattacks. These clusters include Russian, North Korean, and Chinese threat actors who used ChatGPT to develop malware, conduct phishing campaigns, and engage in influence operations. The Russian threat actor developed a remote access trojan (RAT) and credential stealer, while the North Korean group created malware and command-and-control (C2) infrastructure. The Chinese group, UNK_DropPitch, generated phishing content and tooling for routine tasks. Additionally, OpenAI blocked accounts used for scams, influence operations, and surveillance, including networks from Cambodia, Myanmar, Nigeria, and individuals linked to Chinese government entities.
Show sources

OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks — thehackernews.com — 08.10.2025 10:16
Open in new tab

Information Snippets

Russian threat actor used ChatGPT to develop and refine a remote access trojan (RAT) and credential stealer.
First reported: 08.10.2025 10:16

1 source, 1 article
Show sources
- OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks — thehackernews.com — 08.10.2025 10:16
North Korean threat actor used ChatGPT for malware and C2 development, including macOS Finder extensions and Windows Server VPNs.
First reported: 08.10.2025 10:16

1 source, 1 article
Show sources
- OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks — thehackernews.com — 08.10.2025 10:16
Chinese threat actor UNK_DropPitch used ChatGPT for phishing campaigns and tooling to accelerate routine tasks.
First reported: 08.10.2025 10:16

1 source, 1 article
Show sources
- OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks — thehackernews.com — 08.10.2025 10:16
OpenAI blocked accounts from Cambodia, Myanmar, Nigeria, and China for scams, influence operations, and surveillance.
First reported: 08.10.2025 10:16

1 source, 1 article
Show sources
- OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks — thehackernews.com — 08.10.2025 10:16
Threat actors used ChatGPT to remove indicators of AI-generated content, such as em-dashes.
First reported: 08.10.2025 10:16

1 source, 1 article
Show sources
- OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks — thehackernews.com — 08.10.2025 10:16
Anthropic released an open-source auditing tool called Petri to accelerate AI safety research.
First reported: 08.10.2025 10:16

1 source, 1 article
Show sources
- OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks — thehackernews.com — 08.10.2025 10:16

Summary

Timeline

OpenAI Disrupts Nation-State Actors Misusing ChatGPT for Cyberattacks

Information Snippets