OpenAI’s long-awaited GPT-4 materializes the unprecedented danger of Artificial Intelligence on a global scale

Open AI released the latest version of its machine learning software, GPT-4, to hype and cymbal this week. One of the features that the company highlighted in the new version is that was supposed to have rules protecting it from being used by cybercriminals. However, within days, the researchers claim they tricked him into creating malware and helping them craft phishing emails, just as they had done with the previous iteration of the OpenAI software, ChatGPT.

On the plus side, they were also able to use the software to plug holes in cyber defenses.. The researchers of the cybersecurity company check point They showed Forbes how they got around OpenAI’s blocks to malware development simply by removing the word “malware” in a request. GPT-4 helped them create software that would collect PDF files and send them to a remote server.

And he went further, giving researchers tips on how to get it working on a PC with Windows 10 and convert it to a smaller file, so it could run faster and have less chance of being detected by security software.

How they got around the barriers of GPT-4

For GPT-4 to help create emails from phishing, the researchers took two approaches. In the first, they used GPT-3.5, which did not block requests to create malicious messages, to write a phishing email posing as a legitimate bank.

look also

They then asked GPT-4, which had initially refused to create an original phishing message, to improve the language. In the second, they asked for advice on creating a phishing awareness campaign for a company and requested a template for a fake phishing email, which the tool duly provided.

look also

“GPT-4 can provide bad actors, even non-technical ones, with tools to speed up and validate their activity,” Check Point researchers say in their report, delivered to Forbes ahead of publication. What we are seeing is that GPT-4 can serve both good and bad actors. Good actors can use GPT-4 to craft and make code that is useful to society; but simultaneously, bad actors can use this technology of Artificial Intelligence (AI) for the rapid execution of cybercrimes”.

look also

Check Point Report Details

Sergey Shykevich, director of the Check Point threat group, said it appeared that the existing barriers to preventing GPT-4 from generating phishing or malicious code were actually lower than in previous versions. He suggested that this may be because the company relies on the fact that only premium users currently have access. Nevertheless, He added that OpenAI should have foreseen such solutions. “I think they are trying to avoid and reduce them, but it is a game of cat and mouse,” he added.

Daniel Cuthbert, a researcher at cybersecurity and member of the Black Hat hacking conference review committee, claims that it seems that GPT-4 could help those with little technical knowledge to make malicious tools. “If things are very bad for you, this helps a lot. It puts it on a plate for you,” he says.

If things are really bad for you, this helps you a lot. He puts it on a tray

Daniel Cuthbert, member of the Black Hat hacker conference review committee

But cybersecurity experts hired by OpenAI to test its intelligent chatbot before its release found that it had “significant limitations for cybersecurity operations,” according to the document. “It does not improve existing tools for reconnaissance, vulnerability exploitation and web browsing, and is less effective than existing tools for complex, high-level activities, such as identifying new vulnerabilities“, wrote OpenAI. However, the hackers found that GPT4 “was effective in writing realistic social engineering content.”