OpenAI Crushes North Korean Cyber Threats Exploiting ChatGPT

OpenAI has successfully blocked multiple North Korean hacking groups from misusing its ChatGPT platform to aid cyberattacks. The company disclosed these findings in its February 2025 threat intelligence report, highlighting the increasing attempts by state-sponsored hackers to manipulate artificial intelligence (AI) tools for malicious purposes.

The blocked accounts were linked to well-known North Korean hacking groups, including VELVET CHOLLIMA and STARDUST CHOLLIMA. These groups, notorious for their advanced cyber skills, have strong ties to North Korea’s government and have been involved in hacking operations worldwide.

How North Korean Hackers Tried to Use ChatGPT

With the help of an industry partner, OpenAI detected that these hackers were using ChatGPT for various cybercrime-related activities, including:

  • Researching Cyber Tools and Techniques: The hackers used ChatGPT to learn about cyberattack methods, such as Remote Administration Tools (RAT) and brute force attacks on Remote Desktop Protocol (RDP), which allow unauthorized access to computers.
  • Writing and Fixing Code for Hacking: They asked ChatGPT for help in developing, debugging, and troubleshooting harmful software. This included C#-based RDP clients and PowerShell scripts used for uploading, downloading, and executing malicious files.
  • Crafting Phishing Emails: The groups used ChatGPT to create convincing phishing emails to trick people into giving away sensitive information. Their primary targets were cryptocurrency investors and traders.
  • Hiding Malicious Code: The hackers sought assistance in making harmful programs harder to detect. They asked ChatGPT for ways to bypass security warnings and make their code look harmless.
  • Finding Software Vulnerabilities: The groups researched weaknesses in applications and explored attack methods for macOS systems.

In addition to these activities, OpenAI’s analysts discovered new URLs hosting harmful files. These URLs were unknown to security companies before, but OpenAI shared the information with cybersecurity firms, helping them block potential threats.

OpenAI Uncovers a North Korean IT Worker Scheme

During their investigation, OpenAI also identified accounts linked to a North Korean IT worker scheme. This involved North Korean workers pretending to be job applicants to get hired by Western companies. Once employed, they used ChatGPT to help them complete job tasks, such as writing code, fixing software issues, and communicating with team members.

These workers also used AI to create believable cover stories to hide their true identities. They developed excuses to explain suspicious behavior, such as refusing video calls, logging in from unknown locations, or working during unusual hours. The ultimate goal of this operation was to generate income for North Korea’s government, which has been known to use cybercrime as a major source of funding.

OpenAI’s Efforts Against Other State-Sponsored Cyber Threats

OpenAI’s security measures go beyond North Korean hackers. Since October 2024, the company has disrupted multiple cyber campaigns, including those from China and Iran. Some of the campaigns uncovered include:

  • “Peer Review” Campaign: This operation used ChatGPT to develop tools for a large-scale surveillance project.
  • “Sponsored Discontent” Campaign: Hackers created anti-American, Spanish-language articles to manipulate public opinion.

In October 2024, OpenAI reported that it had blocked more than twenty cyber operations linked to Iranian and Chinese state-sponsored hackers. These activities ranged from cyberattacks to hidden influence campaigns aimed at spreading misinformation.

OpenAI’s Commitment to Security

OpenAI has made it clear that it is dedicated to preventing the misuse of its AI tools. The company has advanced security measures in place to detect and block malicious activities. It also collaborates with other cybersecurity firms to share critical intelligence, helping to prevent cyberattacks before they happen.

In its latest report, OpenAI stated, “We banned accounts demonstrating activity potentially associated with publicly reported DPRK-affiliated threat actors.” The company continues to actively monitor and combat threats to keep its AI platform safe.

This case highlights how AI tools can be used for both good and bad. While they provide incredible benefits, they can also be exploited by cybercriminals. OpenAI’s ongoing efforts to fight against such misuse show the importance of global collaboration between tech companies, cybersecurity experts, and governments in protecting digital security.

TOP 10 TRENDING ON NEWSINTERPRETATION

Birds Struggle Through Dangerous Shifts in Weather

Birds on the Move Every year, millions of birds take...

Massive Rise in Earth Temperature Breaks Climate Threshold

Earth's Temperature Keeps Rising The planet has just reached another...

Water Loss is Gradually Lifting South Africa’s Ground

Scientists have made an incredible discovery in South Africa:...

Clove Farming Flourishes in the Volcanic Soil of Ternate

Clove Trees Thrive in Indonesia On the lush island of...

Oxygen Meltdown Will Quietly End All Life

Oxygen, Not Meteorites, Will Bring the End For years, scientists...

Global Warming Could Slash Economy by 40%

Global Warming Could Devastate Economy, Study Finds A new study...

How Pesticides Are Silently Harming Wildlife

What Are Pesticides, and Why Are They Used? Pesticides are...

Glitter and the Ocean Crisis No One Is Talking About

A Shiny Glitter Problem Hiding in Plain Sight Glitter is...

Fire Threat Spreads Beyond Seasonal Weather Cycles

Fire Seasons Used to Be Separate Fire seasons in different...

Explosive Heat Shows the U.K. is Not Safe from Climate Change

Unusual high heat Hits the U.K. in April An early and...

Birds Struggle Through Dangerous Shifts in Weather

Birds on the Move Every year, millions of birds take...

Massive Rise in Earth Temperature Breaks Climate Threshold

Earth's Temperature Keeps Rising The planet has just reached another...

Water Loss is Gradually Lifting South Africa’s Ground

Scientists have made an incredible discovery in South Africa:...

Clove Farming Flourishes in the Volcanic Soil of Ternate

Clove Trees Thrive in Indonesia On the lush island of...

Oxygen Meltdown Will Quietly End All Life

Oxygen, Not Meteorites, Will Bring the End For years, scientists...

Global Warming Could Slash Economy by 40%

Global Warming Could Devastate Economy, Study Finds A new study...

How Pesticides Are Silently Harming Wildlife

What Are Pesticides, and Why Are They Used? Pesticides are...

Glitter and the Ocean Crisis No One Is Talking About

A Shiny Glitter Problem Hiding in Plain Sight Glitter is...

Related Articles

Popular Categories