Hackers are exploiting the popularity of generative artificial intelligence (AI) to deceive people into installing malicious software on their devices, according to a warning from Meta, the parent company of Facebook, Instagram, and WhatsApp.
Speaking at a news briefing, Meta’s Chief Information Security Officer Guy Rosen said that security analysts had recently found harmful code posing as ChatGPT, or similar AI tools.
Rosen explained that the latest wave of malware campaigns is taking advantage of the buzz surrounding generative AI technology. He said that hackers are using clickbait techniques to lure their victims into clicking on malicious links or installing programs that could steal their personal data and sensitive information.
The hackers’ approach is similar to that seen in crypto scams that capitalize on the public’s fascination with digital currency. Rosen observed that “from a bad actor’s perspective, ChatGPT is the new crypto.” He noted that Meta has yet to see generative AI being used by hackers as anything more than bait, but the company is preparing for the possibility that it could be weaponized.
Meta’s security team has discovered and blocked over a thousand web addresses that purport to offer ChatGPT-like tools but are, in reality, traps set by hackers. The company shares what it learns with other industry peers and the cyber defense community. Rosen said that the company is using ChatGPT for defensive purposes, such as protecting against hackers’ attacks and false online campaigns.
Meta’s head of security policy, Nathaniel Gleicher, emphasized that the company is already exploring how generative AI could be abused and what defenses are required to counter it. “Generative AI holds great promise and bad actors know it, so we should all be very vigilant to stay safe,” Rosen warned.
In conclusion, Meta’s warning highlights the importance of staying vigilant online and being cautious when clicking on unfamiliar links or downloading new software. The use of generative AI in this context illustrates how hackers will always seek to exploit new and emerging technologies to deceive and defraud their victims.