Newsinterpretation

OpenAI Crushes North Korean Cyber Threats Exploiting ChatGPT

OpenAI has successfully blocked multiple North Korean hacking groups from misusing its ChatGPT platform to aid cyberattacks. The company disclosed these findings in its February 2025 threat intelligence report, highlighting the increasing attempts by state-sponsored hackers to manipulate artificial intelligence (AI) tools for malicious purposes.

The blocked accounts were linked to well-known North Korean hacking groups, including VELVET CHOLLIMA and STARDUST CHOLLIMA. These groups, notorious for their advanced cyber skills, have strong ties to North Korea’s government and have been involved in hacking operations worldwide.

How North Korean Hackers Tried to Use ChatGPT

With the help of an industry partner, OpenAI detected that these hackers were using ChatGPT for various cybercrime-related activities, including:

  • Researching Cyber Tools and Techniques: The hackers used ChatGPT to learn about cyberattack methods, such as Remote Administration Tools (RAT) and brute force attacks on Remote Desktop Protocol (RDP), which allow unauthorized access to computers.
  • Writing and Fixing Code for Hacking: They asked ChatGPT for help in developing, debugging, and troubleshooting harmful software. This included C#-based RDP clients and PowerShell scripts used for uploading, downloading, and executing malicious files.
  • Crafting Phishing Emails: The groups used ChatGPT to create convincing phishing emails to trick people into giving away sensitive information. Their primary targets were cryptocurrency investors and traders.
  • Hiding Malicious Code: The hackers sought assistance in making harmful programs harder to detect. They asked ChatGPT for ways to bypass security warnings and make their code look harmless.
  • Finding Software Vulnerabilities: The groups researched weaknesses in applications and explored attack methods for macOS systems.

In addition to these activities, OpenAI’s analysts discovered new URLs hosting harmful files. These URLs were unknown to security companies before, but OpenAI shared the information with cybersecurity firms, helping them block potential threats.

OpenAI Uncovers a North Korean IT Worker Scheme

During their investigation, OpenAI also identified accounts linked to a North Korean IT worker scheme. This involved North Korean workers pretending to be job applicants to get hired by Western companies. Once employed, they used ChatGPT to help them complete job tasks, such as writing code, fixing software issues, and communicating with team members.

These workers also used AI to create believable cover stories to hide their true identities. They developed excuses to explain suspicious behavior, such as refusing video calls, logging in from unknown locations, or working during unusual hours. The ultimate goal of this operation was to generate income for North Korea’s government, which has been known to use cybercrime as a major source of funding.

OpenAI’s Efforts Against Other State-Sponsored Cyber Threats

OpenAI’s security measures go beyond North Korean hackers. Since October 2024, the company has disrupted multiple cyber campaigns, including those from China and Iran. Some of the campaigns uncovered include:

  • “Peer Review” Campaign: This operation used ChatGPT to develop tools for a large-scale surveillance project.
  • “Sponsored Discontent” Campaign: Hackers created anti-American, Spanish-language articles to manipulate public opinion.

In October 2024, OpenAI reported that it had blocked more than twenty cyber operations linked to Iranian and Chinese state-sponsored hackers. These activities ranged from cyberattacks to hidden influence campaigns aimed at spreading misinformation.

OpenAI’s Commitment to Security

OpenAI has made it clear that it is dedicated to preventing the misuse of its AI tools. The company has advanced security measures in place to detect and block malicious activities. It also collaborates with other cybersecurity firms to share critical intelligence, helping to prevent cyberattacks before they happen.

In its latest report, OpenAI stated, “We banned accounts demonstrating activity potentially associated with publicly reported DPRK-affiliated threat actors.” The company continues to actively monitor and combat threats to keep its AI platform safe.

This case highlights how AI tools can be used for both good and bad. While they provide incredible benefits, they can also be exploited by cybercriminals. OpenAI’s ongoing efforts to fight against such misuse show the importance of global collaboration between tech companies, cybersecurity experts, and governments in protecting digital security.

TOP 10 TRENDING ON NEWSINTERPRETATION

“Pay more and enjoy nothing”—Newsom torches Trump’s tariff push as costs for food, cars, and flights soar

California Governor Gavin Newsom has strongly criticized President Donald...

Eric Trump explodes on Newsmax — claims Biden tried to break up Donald and Melania’s marriage

Eric Trump has sparked fresh controversy after making a...

Republicans brace as AOC’s rising momentum threatens to upend 2026 and 2028 elections

Republicans warn their party not to underestimate Representative Alexandria...

WestJet Reveals Passenger Data Breach Raising Security Concerns

Canadian airline WestJet has confirmed that some passenger information...

Japanese beer giant Asahi confirms cyberattack halts shipping and ordering in Japan temporarily

Japanese beer giant Asahi has confirmed a cyber attack...

Leaked emails expose Epstein’s secret hand in Israel–Mongolia security pact with Barak

A new set of leaked emails shows Jeffrey Epstein...

Award stage turns battlefield as Harris brands Trump an unchecked, incompetent and unhinged President

Kamala Harris, the former vice president and 2024 Democratic...

Newsom office doubles down on fascist label for Miller citing his political actions and views

Newsom’s Office Takes a Bold Stance California Governor Gavin Newsom’s...

The privacy-first app that just blew past 350,000 new users a day

Explosive Growth Surprises Users Arattai, the messaging app developed by...

Federal firepower hits AOC’s Queens district as FBI targets Roosevelt Avenue crime empire

The FBI has moved into action in Queens, New...

Republicans brace as AOC’s rising momentum threatens to upend 2026 and 2028 elections

Republicans warn their party not to underestimate Representative Alexandria...

WestJet Reveals Passenger Data Breach Raising Security Concerns

Canadian airline WestJet has confirmed that some passenger information...

Newsom office doubles down on fascist label for Miller citing his political actions and views

Newsom’s Office Takes a Bold Stance California Governor Gavin Newsom’s...
error: Content is protected !!
Exit mobile version