AI Used to Create Malware, WithSecure Observes

Written by

Alarm bells continue to ring in the cybersecurity world around the potential threats from AI in the hands of threat actors. In particular, malware being created through ChatGPT appears to be a reality.

WithSecure’s CEO confirmed to Infosecurity that the company has observed malware samples that have been generated by ChatGPT.

“Since ChatGPT has the ability to provide different answers to the same question you can also use it to generate many different varioations, a mutation of the malware sample. This makes it harder for defenders to detect,” Juhani Hintikka, CEO at WithSecure, told Infosecurity.  

Tim West, head of threat intelligence at WithSecure added that the fact that malware created using ChatGPT is polymorphic will make it challenging for defenders.

Hintikka noted, “Traditionally AI has been used by the defenders in our industry, us included, and the attackers have done the offense manually but now I think that is changing.”

Malicious actors are already using legitimate software like remote access tools, it makes sense for them to begin using AI that is readily available.

“ChatGPT will support software engineering for good and bad and it is an enabler and lowers the barrier for entry for the threat actors to develop malware,” West said.  

Regarding phishing emails, it is clear that AI and large language models can be used to create convincing email campaigns, social media messages and targeted texts.

“So far, humans have been able to identify that what is suspicious, and what is not that, I think that will be much, much, harder moving forward,” Hintikka said.

Driving Efficiency in the Criminal World

According to Stephen Robinson, senior threat intelligence analyst at WithSecure, cyber-criminal gangs and organizations are now evolving to mirror legitimate businesses.

With ransomware being such a lucrative business, Robinson said that these nefarious groups can now invest in efficiencies through outsourcing activities to suppliers, “almost like a gig economy.”

It is likely that this investment will also go towards understanding AI and its capabilities and while discussing threat actors use of AI Hintikka said that “since the criminal groups have also become bigger, unfortunately, they have now the means to invest.”

Looking to the future, Hintikka said, “This will be a game of good AI versus bad AI.” 

What’s hot on Infosecurity Magazine?