North America, Europe, and Asia have been targeted by China-nexus threat operation UTA0388 with spear-phishing campaigns exploiting OpenAI's ChatGPT artificial intelligence chatbot to spread the GOVERSHELL malware, The Hacker News reports.

Malicious emails with ChatGPT-crafted content purportedly from fake senior researchers and analysts have been sent by UTA0388 to deliver links redirecting to ZIP or RAR archives containing the GOVERSHELL backdoor, whose development is underway, according to a Volexity report.

GOVERSHELL has already spawned five variants, including the most recent Beacon malware that could enable PowerShell command execution. Other tools, such as OneDrive, Sync, and Netlify, have also been used for archive file staging. AI exploitation by UTA0388 was also apparent in illicit workflow creation and open-source tool installation.

Such findings follow a StrikeReady Labs report detailing phishing attacks against a Serbian aviation agency and other organizations across Europe that are believed to be part of a Chinese cyberespionage campaign.
Threat Intelligence, AI/ML
ChatGPT harnessed in Chinese spear-phishing campaigns




