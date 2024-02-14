Hackers

Iranian hackers used ChatGPT to target high-profile feminists with cyber attacks, the chatbot’s maker has revealed.

The cyber attack comes as one of the first known cases of state-backed organisations exploiting new artificial intelligence (AI) tools.

OpenAI and Microsoft said they had closed accounts belonging to a hacking group affiliated with Iran’s revolutionary guard, nicknamed Crimson Sandstorm, alongside other groups linked to Russia, China and North Korea.

The companies said the Iranian group used AI to write emails seeking to lure “prominent feminists” to a fake website, which could have been used to steal details or install computer viruses.

Last year, an imprisoned Iranian feminist, Narges Mohammadi, was awarded the Nobel Peace Prize for her campaign against the regime.

Protests erupted around the country in 2022 after 22-year-old Mahsa Amini died in police custody following her arrest for allegedly flouting Iran’s strict dress codes.

Mahsa Amini was killed by Tehran’s morality police - Newsflash

OpenAI, which has received billions in funding from Microsoft, said the hacking groups’ activities showed that ChatGPT offers only “limited” and “incremental” opportunities for malicious actors but that it had a blanket ban on state-backed hackers using its services.

They did not say which feminist activists had been targeted.

Among the hacking groups’ other uses for ChatGPT were writing phishing emails, searching for information and writing code to help build websites.

The Russian hacking group, dubbed Forest Blizzard, used ChatGPT to look up information on satellite communication systems and radar technologies.

Starlink, the satellite internet service operated by Elon Musk’s SpaceX, has been widely used by Ukraine as it defends itself against Russia’s invasion.

North Korean hackers used the chatbot to craft hacking emails as well as conduct research on think tanks, while Chinese groups used it to translate documents and to manipulate systems they had already gained access to.

The National Cyber Security Centre, the cyber arm of GCHQ, has warned that AI tools are making scam emails more convincing than ever, saying they will “almost certainly increase the volume and heighten the impact of cyber attacks”.

OpenAI said it would learn from how the hackers had used the tools in order to make its systems safer.

“Understanding how the most sophisticated malicious actors seek to use our systems for harm gives us a signal into practices that may become more widespread in the future, and allows us to continuously evolve our safeguards,” it said.

