* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Thursday, October 23, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Sacramento city leaders approve adding 2 entertainment zones in midtown – CBS News

    Sacramento City Leaders Approve Two Thrilling New Entertainment Zones in Midtown

    AMC brings first new Dolby Experience to Gwinnett since 2017 – Wyoming News Now

    AMC Launches First New Dolby Experience in Gwinnett Since 2017

    Hetzel Design: blending architecture and entertainment – Blooloop

    Hetzel Design: Where Architecture and Entertainment Unite in Perfect Harmony

    Country music legend rushed to hospital year after heart surgery. Here’s what we know – PennLive.com

    Country Music Legend Rushed to Hospital One Year After Heart Surgery – What’s Happening Now?

    Strictly Come Dancing results: Chris Robshaw is eliminated while drag queen La Voix escapes dance-off – Yahoo

    Strictly Come Dancing results: Chris Robshaw is eliminated while drag queen La Voix escapes dance-off – Yahoo

    Placer County town of Loomis considers entertainment zone for downtown – CBS News

    Loomis Unveils Thrilling New Entertainment Zone to Revitalize Downtown

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Rydberg Technologies Inc. Announces Launch of Rydberg Photonics in Berlin – The Quantum Insider

    Rydberg Technologies Launches Exciting New Photonics Division in Berlin

    A look into new technology at Columbia University that could help prevent a dangerous pregnancy complication – ABC7 New York

    A look into new technology at Columbia University that could help prevent a dangerous pregnancy complication – ABC7 New York

    Office Technology: Dealers’ Managed IT Revenue up Nearly 30% – The Cannata Report –

    Office Technology: Dealers’ Managed IT Revenue up Nearly 30% – The Cannata Report –

    3 E Network Technology Group Limited Closes $1.5 Million Convertible Promissory Note Offering – Quiver Quantitative

    3 E Network Technology Group Limited Closes $1.5 Million Convertible Promissory Note Offering – Quiver Quantitative

    3 Technology Stocks to Buy Now – Yahoo Finance

    3 Must-Buy Tech Stocks You Can’t Afford to Miss Right Now

    ‘New frontier’: Austin leaders start discussions on air taxi technology – KXAN Austin

    Austin Leaders Ignite Exciting Conversations on the Future of Air Taxi Technology

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Sacramento city leaders approve adding 2 entertainment zones in midtown – CBS News

    Sacramento City Leaders Approve Two Thrilling New Entertainment Zones in Midtown

    AMC brings first new Dolby Experience to Gwinnett since 2017 – Wyoming News Now

    AMC Launches First New Dolby Experience in Gwinnett Since 2017

    Hetzel Design: blending architecture and entertainment – Blooloop

    Hetzel Design: Where Architecture and Entertainment Unite in Perfect Harmony

    Country music legend rushed to hospital year after heart surgery. Here’s what we know – PennLive.com

    Country Music Legend Rushed to Hospital One Year After Heart Surgery – What’s Happening Now?

    Strictly Come Dancing results: Chris Robshaw is eliminated while drag queen La Voix escapes dance-off – Yahoo

    Strictly Come Dancing results: Chris Robshaw is eliminated while drag queen La Voix escapes dance-off – Yahoo

    Placer County town of Loomis considers entertainment zone for downtown – CBS News

    Loomis Unveils Thrilling New Entertainment Zone to Revitalize Downtown

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Rydberg Technologies Inc. Announces Launch of Rydberg Photonics in Berlin – The Quantum Insider

    Rydberg Technologies Launches Exciting New Photonics Division in Berlin

    A look into new technology at Columbia University that could help prevent a dangerous pregnancy complication – ABC7 New York

    A look into new technology at Columbia University that could help prevent a dangerous pregnancy complication – ABC7 New York

    Office Technology: Dealers’ Managed IT Revenue up Nearly 30% – The Cannata Report –

    Office Technology: Dealers’ Managed IT Revenue up Nearly 30% – The Cannata Report –

    3 E Network Technology Group Limited Closes $1.5 Million Convertible Promissory Note Offering – Quiver Quantitative

    3 E Network Technology Group Limited Closes $1.5 Million Convertible Promissory Note Offering – Quiver Quantitative

    3 Technology Stocks to Buy Now – Yahoo Finance

    3 Must-Buy Tech Stocks You Can’t Afford to Miss Right Now

    ‘New frontier’: Austin leaders start discussions on air taxi technology – KXAN Austin

    Austin Leaders Ignite Exciting Conversations on the Future of Air Taxi Technology

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Microsoft: Nation-state hackers are exploiting ChatGPT

February 15, 2024
in Technology
Microsoft: Nation-state hackers are exploiting ChatGPT
Share on FacebookShare on Twitter

Threat actors from China, Iran, North Korea and Russia have all been probing use cases for generative AI service ChatGPT, but have yet to use such tools in a full-blown cyber attack


Alex Scroxton

By

Alex Scroxton,
Security Editor

Published: 14 Feb 2024 19:29

Nation-state threat actors backed by the governments of China, Iran, North Korea and Russia are exploiting the large language models (LLMs) used by generative AI services such as OpenAI’s ChatGPT, but has not yet been used in any significant cyber attacks, according to the Microsoft Threat Intelligence Center (MSTIC)

Researchers at the MSTIC have been working hand-in-hand with OpenAI – with which Microsoft has a longstanding and occasionally controversial multibillion dollar partnership – to track various adversary groups and share intelligence on threat actors, and their emerging tactics, techniques and procedures (TTPs). Both organisations are also working with MITRE to integrate these new TTPs into the MITRE ATT&CK framework and the ATLAS knowledge base.

Over the past few years, said MSTIC, threat actors have been closely following developing trends in tech in parallel with defenders, and like defenders they have been looking at AI as a method of enhancing their productivity, and exploit platforms like ChatGPT that could be helpful to them.

“Cyber crime groups, nation-state threat actors, and other adversaries are exploring and testing different AI technologies as they emerge, in an attempt to understand potential value to their operations and the security controls they may need to circumvent,” the MSTIC team wrote in a newly-published blog post detailing their work to date.

“On the defender side, hardening these same security controls from attacks and implementing equally sophisticated monitoring that anticipates and blocks malicious activity is vital.”

The team said that while different threat actors motives and sophistication vary, they do have common tasks, such as reconnaissance and research, coding and malware development, and in many cases, learning English. Language support in particular is emerging as a key use case to assist threat actors with social engineering and victim negotiations.

However, said the team, at the time of writing, this is about as far as threat actors have gone. They wrote: “Importantly, our research with OpenAI has not identified significant attacks employing the LLMs we monitor closely.”

They added: “While attackers will remain interested in AI and probe technologies’ current capabilities and security controls, it’s important to keep these risks in context. As always, hygiene practices such as multifactor authentication (MFA) and Zero Trust defences are essential because attackers may use AI-based tools to improve their existing cyber attacks that rely on social engineering and finding unsecured devices and accounts.”

What have they been doing?

The MSTIC has today shared details of the activities of five nation-state advanced persistent threat (APT) groups that it has caught red handed playing around with ChatGPT, one each from Iran, North Korea, Russia, and two from China.

The Iranian APT, Crimson Sandstorm (aka Tortoiseshell, Imperial Kitten, Yellow Liderc), which is linked to Tehran’s Islamic Revolutionary Guard Corps (IRGC), targets multiple verticals with watering hole attacks and social engineering to deliver custom .NET malware.

Some of its LLM-generated social engineering lures have included phishing emails purporting to be from a prominent international development agency, and another campaign which attempted to lure feminist activists to a fake website.

It also used LLMs to generate code snippets to support the development of applications and websites, interact with remote servers, scrape the web, and execute tasks when users sign in. It also attempted use LLMs to develop code that would enable it to evade detection, and to learn how to disable antivirus tools.

The North Korean APT, Emerald Sleet (aka Kimsuky, Velvet Chollima), favours spear-phishing attacks to gather intelligence from experts on North Korea, and often masquerades as academic institutions and NGOs to lure them in.

Emerald Sleet has been using LLMs largely in support of this activity, as well as research into thinktanks and experts on North Korea, and generation of phishing lures. It has also been seen interacting with LLMs to understand publicly-disclosed vulnerabilities – notably CVE-2022-30190, aka Follina, a zero-day in Microsoft Support Diagnostic Tool – to troubleshoot technical problems, and to get help using various web technologies.

The Russian APT, Forest Blizzard (aka APT28, Fancy Bear), which operates on behalf of Russian military intelligence through GRU Unit 26165, has been actively using LLMs in support of cyber attacks on targets in Ukraine.

Among other things, it has been caught using LLMs to satellite communications and radar imaging technologies that may relate to conventional military operations against Ukraine, seek assistance with basic scripting tasks, including file manipulation, data selection, regular expressions and multiprocessing. MSTIC said this may be an indication that Forest Blizzard is trying to work out how to automate some of its work.

The two Chinese APTs are Charcoal Typhoon (aka Aquatic Panda, ControlX, RedHotel, Bronze University) and Salmon Typhoon (aka APT4, Maverick Panda).

Charcoal Typhoon has a broad operational scope targeting multiple key sectors such as government, communications, fossil fuels, and information technology, in Asian and European countries, whereas Salmon Typhoon tends to go for US defence contractors, government agencies, and cryptographic technology specialists.

Charcoal Typhoon has been observed using LLMs to explore augmenting its technical nous, looking for help in tooling development, scripting, understanding commodity cyber security tools, and generating social engineering lures.

Salmon Typhoon is also using LLMs in an exploratory way, but has tended to try to use them to source information on sensitive geopolitical topics of interest to China, high-profile individuals, and US global influence and internal affairs. However, on at least one occasion it also tried to get ChatGPT to write malicious code – MSTIC noted that the model declined to help with this, in line with its ethical safeguards.

All of the observed APTs have had their accounts and access to ChatGPT suspended.

Reaction

Commenting on the MSTIC – OpenAI research, Neil Carpenter, principle technical analyst at Orca Security, said the most important takeaway for defenders is that while nation-state adversaries are interested in LLMs and generative AI, they are still in the early stages and their interest has not yet resulted in any novel or advanced techniques.

“This indicates that organisations who are focused on existing best practices in defending their assets and detecting and responding to potential incidents are well positioned; additionally, organisations that are pursuing advanced approaches like zero-trust will continue to benefit from these investments,” Carpenter told Computer Weekly in emailed comments

“Generative AI approaches can definitely help defenders in the same ways that Microsoft describes threat actors using them; to operate more efficiently. For instance, in the case of the currently-exploited Ivanti vulnerabilities, AI-powered search allows defenders to rapidly identify the most critical, exposed, and vulnerable assets even if initial responders lack specialist knowledge of domain-specific languages used in their security platforms,” he added.

Read more on Hackers and cybercrime prevention


CISA: Volt Typhoon had access to some U.S. targets for 5 years

ArielleWaldman

By: Arielle Waldman


NCSC warns CNI operators over ‘living-off-the-land’ attacks

AlexScroxton

By: Alex Scroxton


Critical infrastructure hacks raise alarms on Chinese threats

AlexanderCulafi

By: Alexander Culafi


US government disrupts Chinese botnet containing hundreds of end-of-life Cisco and Netgear routers

CarolineDonnelly

By: Caroline Donnelly

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : Computer Weekly – https://www.computerweekly.com/news/366570000/Microsoft-Nation-state-hackers-are-exploiting-ChatGPT

Tags: MicrosoftNation-statetechnology
Previous Post

Dutch Supreme Court approves use of EncroChat evidence

Next Post

‘One Chicago’: A Guide to How Dick Wolf Characters Are Related

Forest cover enhances pest control by birds and bats independently of vineyard management intensity – besjournals

Forest cover enhances pest control by birds and bats independently of vineyard management intensity – besjournals

October 22, 2025
November Family Consumer Science Program – Alachua County

November Family Consumer Science Program – Alachua County

October 22, 2025
Correction: Anti-Science Movement story – The News-Gazette

Unraveling the Truth Behind the Anti-Science Movement: A Closer Look

October 22, 2025
Best Burgers 2025: 9 cult-favorite burgers off the beaten path – Yahoo

Best Burgers 2025: 9 cult-favorite burgers off the beaten path – Yahoo

October 22, 2025
Rydberg Technologies Inc. Announces Launch of Rydberg Photonics in Berlin – The Quantum Insider

Rydberg Technologies Launches Exciting New Photonics Division in Berlin

October 22, 2025
Forbes Unveils First-Ever “Most Powerful Women In Sports” List, Featuring 25 Of The Trailblazers Transforming The Industry, Including Gayle Benson, Caitlin Clark, Michele Kang, Serena Williams And More – Forbes

Meet the 25 Trailblazing Women Revolutionizing the World of Sports, Featuring Gayle Benson, Caitlin Clark, Michele Kang, Serena Williams and More

October 22, 2025
Grandmaster Daniel Naroditsky remembered for his impact on the chess world – NPR

Grandmaster Daniel Naroditsky: Honoring a Timeless Chess Legacy

October 22, 2025
Seattle’s Creative Economy: Building Talent, Culture, and Community – GeekWire

Seattle’s Creative Economy: How Talent, Culture, and Community Are Shaping the Future

October 22, 2025
Sacramento city leaders approve adding 2 entertainment zones in midtown – CBS News

Sacramento City Leaders Approve Two Thrilling New Entertainment Zones in Midtown

October 22, 2025
Self-efficacy mediates the effect of hope on health promotion intention in Chinese stroke patients – Nature

How Hope Boosts Health Motivation in Chinese Stroke Patients Through Self-Efficacy

October 22, 2025

Categories

Archives

October 2025
M T W T F S S
 12345
6789101112
13141516171819
20212223242526
2728293031  
« Sep    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (881)
  • Economy (902)
  • Entertainment (21,773)
  • General (17,746)
  • Health (9,943)
  • Lifestyle (915)
  • News (22,149)
  • People (903)
  • Politics (912)
  • Science (16,113)
  • Sports (21,402)
  • Technology (15,882)
  • World (885)

Recent News

Forest cover enhances pest control by birds and bats independently of vineyard management intensity – besjournals

Forest cover enhances pest control by birds and bats independently of vineyard management intensity – besjournals

October 22, 2025
November Family Consumer Science Program – Alachua County

November Family Consumer Science Program – Alachua County

October 22, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version