Russian and North Korean hackers used OpenAI tools to hone cyberattacks

Key Points:

  • State-backed hacking groups using OpenAI’s GAI tools for cyberattacks
  • OpenAI and Microsoft shutting down hackers’ access to GAI systems
  • Methods used by Microsoft and OpenAI to detect and disrupt malicious activities


Microsoft and OpenAI have revealed that state-backed hacking groups associated with China, Russia, North Korea, and Iran are using OpenAI’s generative AI (GAI) tools to enhance cyberattacks. These groups use the technology for code debugging, researching targets, creating social engineering methods, crafting phishing emails, and text translation.


OpenAI, whose technology powers Microsoft’s GAI products like Copilot, took action to halt the groups’ access to its systems upon discovering their misuse. The infamous Russian hacking group, Fancy Bear or APT 12, used OpenAI tools for open-source research on satellite communication protocols and radar imaging technology, as well as for scripting tasks.


Microsoft monitors over 300 hacking groups, including 160 nation-state actors, as part of its cybersecurity work, and collaborated with OpenAI to identify and address these state-backed threats. OpenAI is actively working to detect and disrupt malicious activities on its platforms by analyzing hacker interactions, tracking objectives, and leveraging its own models to detect illicit users. Upon detecting unauthorized usage, OpenAI takes measures such as deactivating accounts, terminating services, or limiting access to resources to counter the misuse of its technology.




©2024 The Horizon