SoylentNews is people
SoylentNews
from the maybe-it-can-tell-me-the-combo-to-my-luggage-too dept.
A researcher used ChatGPT to create dangerous data-stealing malware
The malware even escaped detection on VirusTotal:
A cybersecurity researcher claims to have used ChatGPT to develop a zero-day exploit that can steal data from a compromised device. Alarmingly, the malware even evaded detection from all vendors on VirusTotal.
Forcepoint's Aaron Mulgrew said he decided early on in the malware creation process not to write any code himself and use only advanced techniques that are typically employed by sophisticated threat actors like rogue nation states.
Describing himself as a "novice" in malware development, Mulgrew said he used Go implementation language not only for its ease of development, but also because he could manually debug the code if needed. He also used steganography, which hides secret data within an regular file or message in order to avoid detection.
[...] Mulgrew said the entire process took "only a few hours." Without the chatbot, he believes it would have taken a team of 5-10 developers weeks to craft the malicious software and ensure it could evade detection by security apps.
While Mulgrew created the malware for research purposes, he said a theoretical zero-day attack using such a tool could target high-value individuals to exfiltrate critical documents on the C drive.
Generating Free Windows Keys with ChatGPT
Someone just used ChatGPT to generate free Windows keys:
ChatGPT is an incredibly capable piece of tech, with a huge number of interesting uses. But, perhaps inevitably, people have put it to use for less noble purposes. Now, someone has used it to generate valid Windows license keys for free.
The discovery was made by YouTuber Enderman, who used ChatGPT to create license keys for Windows 95. Why Windows 95? Well, support ended for it 20 years ago, so this was essentially an exercise in curiosity from Enderman rather than an attempt to crack more modern versions like Windows 11.
As well as that, Windows 95 uses a simpler key validation method than later versions of Microsoft's operating system, meaning the likelihood of success was much higher.
[...] While this application of ChatGPT is sure to raise a few eyebrows, it would be much harder to pull off for more recent Windows versions given the increased complexity of their keys. Still, it's an indication of just what ChatGPT can do if you get a bit creative with your prompts. From writing malware to composing music, people have been keeping OpenAI's chatbot busy, and we wouldn't be surprised if more key-generation attempts come to light after this latest escapade.
(Score: 2) by Mojibake Tengu on Friday April 07, @02:32AM (4 children)
Any tips for AI able to create MIDI files?
The edge of 太玄 cannot be defined, for it is beyond every aspect of design
(Score: 2) by DannyB on Friday April 07, @02:31PM (2 children)
Hey, AI can create fake Linux features out of thin air!
Q. Can you make up some fake Linux features that I wish my system had?
So maybe some of those features have been added to Linux after the Chat GPT cutoff date of September 2021?
Q. How about an auto patch feature which generates random code and then automatically patches the system with that?
Young people won't believe you if you say you used to get Netflix by US Postal Mail.
(Score: 2) by Mojibake Tengu on Friday April 07, @03:30PM (1 child)
I cannot determine if this is funny or tragic.
Still wishing for some MIDI files artificial GPT summoner though.
The edge of 太玄 cannot be defined, for it is beyond every aspect of design
(Score: 2) by DannyB on Friday April 07, @07:12PM
If the musical Holophonor instrument in Futurama had a MIDI input, you could connect it to an AI that generated MIDI output to your browser.
Young people won't believe you if you say you used to get Netflix by US Postal Mail.
(Score: 2) by Freeman on Monday April 10, @02:40PM
When asked, ChatGPT just says it can't. It also can't create music notation. At least when asked directly about it. I'm pretty sure I saw some old style music notation, but don't remember enough to try and get ChatGPT to model anything.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 2, Informative) by Anonymous Coward on Friday April 07, @02:33AM
Sounds more like it wrote the payload stuff than the exploit.
Is it really a zero day exploit, if it only exploits those who are willing to download and run random new stuff off the internet?
Bypassing virustotal is easy. You can probably automate it in perl.
See also:
https://metacpan.org/pod/pp [metacpan.org]
https://metacpan.org/pod/Acme::Bleach [metacpan.org]
https://metacpan.org/pod/Acme::EyeDrops [metacpan.org]
Go figure.
(Score: 5, Touché) by mhajicek on Friday April 07, @06:14AM
Object lesson: store your sensitive data on the D drive.
The spacelike surfaces of time foliations can have a cusp at the surface of discontinuity. - P. Hajicek
(Score: 4, Touché) by hopdevil on Friday April 07, @07:10AM
made for TV special snake oil, can't find any better east of the Mississippi