The launch of ChatGPT and its accompanying headlines have been heard around the world. And threat actors are leveraging this interest to launch new attacks. 

You don’t have to look hard to find a headline relating to ChatGPT, the latest and most intriguing AI service to be released to the public. Everyone has been talking about it and, of course, this also includes hackers. After all, anything which proves popular – such as social media and cryptocurrency – quickly becomes an attractive method of delivering malware. Now, while you and your business may not use ChatGPT daily, this latest campaign utilizes a few attack strategies you need to be aware of. 

How Has ChatGPT Got Caught Up in Malware? 

The massive interest generated by ChatGPT means that AI-related apps are at the forefront of most internet users’ thoughts. As a result, threat actors have decided to turn this interest to their benefit with their most favored technique: deception. The attacks, which were discovered by Meta, the owner of Facebook, have involved 10 different malware families and, on Meta’s platforms alone, 1,000 malicious links relating to ChatGPT. 
 
Two of the most notable strains detected, which appear to have originated from hacking groups in Vietnam, are NodeStealer and DuckTail. NodeStealer is a JavaScript-based piece of malware which is used to steal cookies and login credentials. DuckTail, meanwhile, not only steals cookies, but also focuses on hijacking Facebook business accounts to access lucrative ad accounts. Both of these malware strains are typically spread and activated via infected files or links to malicious websites. 

How Do You Stay Ahead of AI Malware? 

The official and genuine ChatGPT site has already been used by threat actors to develop new malware, so there is already concern about how it can be compromised. And this latest attack, while not directly involving the app, certainly adds fuel to the fire. Deception, of course, is nothing new in the world of hacking. But the number of people who fall for the duplicitous schemes of hackers is astronomical. Therefore, you need to remain on your guard by following these best practices: 

  • Use two-factor authentication: many of the malware strains identified in the latest round of ChatGPT-related attacks involve stealing credentials. Therefore, there’s never been a better time to implement a further layer of security in the form of two-factor authentication. While it won’t necessarily protect against session hijacks, two-factor authentication will significantly reduce the risk of unauthorized access to your accounts. 

For more ways to secure and optimize your business technology, contact your local IT professionals. 



Computer networks are complex pieces of technology, but, thankfully, when it comes to protecting them, the processes are relatively simple.

If you’re an organization that works with PCs then the chances are that the backbone of your IT infrastructure will be a network. Packed full of benefits that enhance accessibility, speed and communication, a PC network is crucial for productivity. However, due to the incredible amount of data being transmitted across a network, these bastions of connectivity are squarely in the targets of hackers. And that’s why it’s important that your network is protected from any external threats.

You can, of course, invest heavily in a wide range of security solutions to protect your network, but it’s vital that you make sure you follow the basics as your best defense. So, if you want to know what these are, just take a look at our guide on the basics of protecting your network.

Always Use a Firewall

Your organization’s network is private and, therefore, the last thing you want is for third parties to be accessing the network and viewing its traffic. The most popular and effective method for preventing this is by installing a firewall. A piece of software that analyses incoming and outgoing activity, a firewall is a multi-layered form of defense that can monitor network activity, report unusual behavior and enforce security policies.

Work with Two-Factor Authentication

It’s highly likely that you’re familiar with the process of using login credentials to access networks and applications, but have you ever used two-factor authentication? While the standard practice of entering a login name and a password is highly secure, two-factor authentication makes it doubly so. The concept of two-factor authentication is that users have to go through two forms of authentication to gain access to the network. For example, after entering a username and password, users must then activate a link emailed to a secure email account.
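The emailed-link step described above can be sketched as follows. This is an added example, not code from the original article; the function names, the five-minute lifetime and the in-memory store of used links are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import secrets
import time

# Constructed demo key; a real deployment loads this from a secret store.
SERVER_KEY = secrets.token_bytes(32)
LINK_LIFETIME = 300   # seconds the emailed link stays valid (assumed value)
_used_nonces = set()  # links already redeemed (in-memory for the demo)


def _sign(user, nonce, expires):
    # JSON encoding keeps the three signed fields unambiguous.
    msg = json.dumps([user, nonce, expires]).encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_link_token(user, now=None):
    """Called after the password check succeeds; the token goes in the emailed link."""
    now = int(time.time() if now is None else now)
    nonce = secrets.token_urlsafe(16)
    expires = now + LINK_LIFETIME
    return f"{nonce}.{expires}.{_sign(user, nonce, expires)}"


def verify_link_token(user, token, now=None):
    """True only for an untampered, unexpired, not-yet-used token issued to this user."""
    now = int(time.time() if now is None else now)
    try:
        nonce, expires_s, sig = token.split(".")
        expires = int(expires_s)
    except ValueError:
        return False  # malformed token
    expected = _sign(user, nonce, expires)
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return False  # wrong user, or a field was altered
    if now > expires or nonce in _used_nonces:
        return False  # expired, or the link was already clicked once
    _used_nonces.add(nonce)
    return True
```

The link is bound to one user, expires quickly and works once, so a stolen password alone, or a link copied after it has been used, does not complete the login.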

Install Anti-Malware Software

Malware is any form of malicious software that aims to exploit vulnerabilities in your PCs (and their users) to gain access to your network. Naturally, this is the last thing you want, but it’s almost impossible to manually identify every threat entering your network. Therefore, it’s essential that you install anti-malware software to help protect your network. Capable of identifying the vast majority of active threats (and regularly updated against new ones), anti-malware software provides you with peace of mind that your defenses are strong.

Segment Your Networks

A simple way to enhance the security of your network is by segmenting it into individual sub-networks. Not only does this approach enhance the performance of each ‘segment’, it also increases the security of the network as a whole. For example, if a hacker manages to gain access to one of the segments, they will only have access to that one segment. The other sub-networks will be fenced off with their own unique security measures and, therefore, make it much harder for a hacker to gain access to the entire network.
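To make the containment effect concrete, here is an added example (not part of the original article) that models segments with a default-deny rule between them. The segment names, address ranges and allowed flows are constructed for illustration.

```python
import ipaddress

# Constructed sample layout: segment names and address ranges are illustrative.
SEGMENTS = {
    "office":  ipaddress.ip_network("10.10.0.0/24"),
    "servers": ipaddress.ip_network("10.20.0.0/24"),
    "finance": ipaddress.ip_network("10.30.0.0/24"),
    "guest":   ipaddress.ip_network("10.40.0.0/24"),
}

# Default deny between segments; only these (source, destination, port) flows pass.
ALLOWED_FLOWS = {
    ("office", "servers", 443),
    ("finance", "servers", 443),
}


def segment_of(ip):
    """Return the name of the segment containing `ip`, or None if it is unknown."""
    addr = ipaddress.ip_address(ip)
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return None


def is_allowed(src_ip, dst_ip, port):
    """Decide whether a connection may cross (or stay inside) the segments."""
    src, dst = segment_of(src_ip), segment_of(dst_ip)
    if src is None or dst is None:
        return False  # unknown address: deny
    if src == dst:
        return True   # traffic inside one segment is not filtered here
    return (src, dst, port) in ALLOWED_FLOWS


def reachable_from(segment):
    """Segments a host in `segment` can open a connection to (itself included)."""
    return {segment} | {dst for src, dst, _ in ALLOWED_FLOWS if src == segment}
```

With this layout, `reachable_from("guest")` contains only the guest segment, so a compromised guest device has no path to the finance or server ranges.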
