Full Report
OpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware development. This includes a Russian-language threat actor who is said to have used the chatbot to help develop and refine a remote access trojan (RAT) and a credential stealer designed to evade detection. The operator also used several ChatGPT accounts to
Analysis Summary
# Threat Actor: Three Clusters Disrupted for Misusing ChatGPT in Cyber Operations (Russian, North Korean, Chinese Actors)
## Attribution & Identity
The summary details the disruption of three distinct activity clusters misusing OpenAI's ChatGPT:
1. **Russian-language threat actor:** Affiliated with Russian-speaking criminal groups, as confirmed by evidence posted on a dedicated Telegram channel.
2. **North Korean cluster:** Shared overlaps with a campaign previously detailed by Trellix (August 2025).
3. **Chinese hacking group:** Overlap with a cluster tracked by Proofpoint as **UNK\_DropPitch** (aka **UTA0388**).
## Activity Summary
OpenAI disrupted activities across three main clusters using ChatGPT to facilitate malware development, circumventing safety measures by building components iteratively, rather than requesting malicious code directly:
* **Russian Cluster:** Used ChatGPT to help develop and refine a Remote Access Trojan (RAT) and a credential stealer designed to evade detection. They used the tool for prototyping post-exploitation and credential theft components via small, iterated development cycles.
* **North Korean Cluster:** Focused on malware and Command-and-Control (C2) development. Activities included creating macOS Finder extensions, configuring Windows Server VPNs, and porting Chrome extensions to Safari equivalents. They also used the tool to draft phishing emails and research techniques for DLL loading and in-memory execution.
* **Chinese Cluster (UNK\_DropPitch/UTA0388):** Used the tool to generate content for phishing campaigns in English, Chinese, and Japanese, and to assist with tooling for remote execution and HTTPS traffic protection. They also researched installing open-source tools like `nuclei` and `fscan`.
## Tactics, Techniques & Procedures
- Code obfuscation routines.
- Clipboard monitoring utilities.
- Data exfiltration using Telegram bots.
- Prototyping post-exploitation modules.
- Developing macOS Finder extensions.
- Configuring Windows Server VPNs.
- DLL loading and in-memory execution research.
- Windows API hooking research.
- Credential theft research.
- Automating commodity tasks (mass password generation, scripted job applications).
- Researching installation of open-source security tools (`nuclei`, `fscan`).
## Targeting
- Sectors: Diplomatic missions (North Korean cluster), major investment firms (Chinese cluster), and general criminal targets (Russian cluster).
- Geography: South Korea (North Korean campaign focus), Taiwan (Chinese cluster semiconductor focus).
- Victims: Specific organizations were not named, but targeting included diplomatic missions and the Taiwanese semiconductor industry.
## Tools & Infrastructure
- **Malware families used:** Remote Access Trojan (RAT), credential stealer.
- **Specific Tools/Code Mentioned:** **HealthKick** (aka **GOVERSHELL**) backdoor (associated with the Chinese group).
- **Infrastructure:** Telegram bot (for data exfiltration), GitHub (experimentation), various cloud services.
## Implications
These actors demonstrate an active and evolving strategy of leveraging commercial Large Language Models (LLMs) like ChatGPT as development and reconnaissance aids to accelerate the creation of cyber weapons, bypass organizational controls, and lower the barrier to entry for complex operations (e.g., malware refinement, post-exploitation scripting). Even if the LLMs refuse direct malicious requests, actors successfully use them to generate necessary "building-block code."
## Mitigations
- Enhanced monitoring of organizational use of LLMs for suspicious iterative code development or research into common threat techniques (e.g., API hooking, in-memory execution).
- Implementing robust endpoint detection and response (EDR) capable of detecting obfuscated code, common C2 callback patterns, and data exfiltration methods (e.g., Telegram bots).
- Securing the common attack vectors used by these groups, such as spear-phishing, and patching systems exposed to vulnerability scanning tools (`nuclei`).
- Security awareness training tailored to counter highly refined, AI-assisted phishing content in multiple languages.
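
One way to act on the Telegram-bot exfiltration mitigation above is to hunt for Bot API calls in web proxy logs. The following is an added example, not code from OpenAI's report or from this summary; it assumes a TLS-inspecting proxy that records `time host process method url bytes_out`, and the log lines, process names, allowlist and token values are all constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample proxy log (assumed fields: time host process method url bytes_out).
SAMPLE_LOG = """\
2025-10-08T09:14:02Z ws-017 chrome.exe GET https://example.com/index.html 512
2025-10-08T09:14:40Z ws-017 updater.exe POST https://api.telegram.org/bot1234567890:AAExampleConstructedTokenValue000000/sendDocument 48213
2025-10-08T09:15:10Z ws-017 updater.exe POST https://api.telegram.org/bot1234567890:AAExampleConstructedTokenValue000000/sendDocument 912044
2025-10-08T09:20:00Z mon-01 alert-relay POST https://api.telegram.org/bot1234567890:AAExampleConstructedTokenValue000000/sendMessage 120
2025-10-08T09:21:00Z ws-031 python.exe GET https://api.telegram.org/bot42:short/getUpdates 90
"""

# Bot API calls have the form https://api.telegram.org/bot<id>:<secret>/<method>.
BOT_PATH = re.compile(r"^/bot(\d+):[A-Za-z0-9_-]+/(\w+)$")
UPLOAD_METHODS = {"sendDocument", "sendPhoto", "sendMessage", "sendMediaGroup"}
ALLOWED_PROCESSES = {"alert-relay"}  # hypothetical sanctioned alerting bot

def find_bot_api_traffic(log_text, allowed=ALLOWED_PROCESSES):
    """Group Bot API requests from non-allowlisted processes by (host, process, bot id)."""
    hits = defaultdict(lambda: {"requests": 0, "bytes_out": 0, "methods": set()})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 6 or not parts[5].isdigit():
            continue  # skip malformed lines rather than crash mid-hunt
        _ts, host, process, _verb, url, bytes_out = parts
        u = urlsplit(url)
        m = BOT_PATH.match(u.path)
        if (u.hostname or "").lower() != "api.telegram.org" or not m:
            continue
        if process.lower() in allowed:
            continue
        # Key on the numeric bot id only, so the secret half of the token is never stored.
        entry = hits[(host, process, m.group(1))]
        entry["requests"] += 1
        entry["bytes_out"] += int(bytes_out)
        entry["methods"].add(m.group(2))
    return dict(hits)

def severity(entry):
    """Methods that push data out rank higher than polling or metadata calls."""
    return "high" if entry["methods"] & UPLOAD_METHODS else "medium"

if __name__ == "__main__":
    for key, entry in sorted(find_bot_api_traffic(SAMPLE_LOG).items()):
        print(severity(entry), key, entry["requests"], entry["bytes_out"])
```

Without TLS inspection only the `api.telegram.org` hostname is visible, so the same grouping would have to key on host and process alone.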