Cybercriminals experimenting with AI on the dark web

Cybercriminals experimenting with AI on the dark web


30 January 2024

Kaspersky's Digital Footprint Intelligence service has identified nearly 3,000 posts on the dark web that mainly discuss the use of ChatGPT and other LLMs for illegal activities. Perpetrators are looking for ways to deceive, from creating malicious alternatives to the chatbot to jailbreaking the original and beyond. Stolen ChatGPT accounts and services offering their mass automated creation are also flooding the dark web channels, reaching an additional 3,000 posts.

In 2023, Kaspersky Digital Footprint Intelligence discovered nearly 3,000 posts on the dark web discussing the use of ChatGPT for illegal purposes or talking about AI-based tools. Although the conversations peaked in March, the discussions are still going on.

In addition to the chatbots and AI mentioned, significant attention is being paid to projects such as XXXGPT, FraudGPT and others.These language models are being promoted on the dark web as alternatives to ChatGPT, having additional features and without the original limitations.

Stolen ChatGPT accounts for sale

Another threat to users and companies is the purchase of accounts for the paid version of ChatGPT. In 2023, another 3,000 posts (in addition to the ones mentioned above) were identified advertising ChatGPT accounts for sale across the dark web and on covert Telegram channels. These posts either distribute stolen accounts or promote auto-enrollment services that create accounts en masse upon request. It is worth noting that specific posts have been republished on many dark web channels.

To avoid the threats related to the activities of cybercriminals in the dangerous part of the internet, you can implement the following security measures:

  • Use Kaspersky Digital Footprint Intelligence to help security analysts explore the characteristics of an attacker with their company's resources, immediately discovering potential attack vectors available to them. This also helps to inform you about existing threats from cybercriminals, so you can adjust your security accordingly or take timely countermeasures and eradication measures
  • Choose a reliable endpoint security solution, such as Kaspersky Endpoint Security for Business, which is equipped with behavior-based detection and anomaly checking capabilities to effectively protect against known and unknown threats.
  • The specialized services can help combat large-scale attacks. With Kaspersky Managed Detection and Response, you can detect and stop attackers in the early stages before they achieve their goals. If you experience an incident, Kaspersky Incident Response service will help you respond and minimize the consequences, in particular to identify compromised accounts and protect your facility from similar attacks in the future.
View them all