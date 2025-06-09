OpenAI has moved to take down ChatGPT accounts leveraged by state-backed threat actors from China, North Korea, Russia, Iran, and the Philippines for malware improvement, disinformation campaigns, and employment scams, reports The Record, a news site by cybersecurity firm Recorded Future.
Nation-state hacking operations APT5, also known as Keyhole Panda, and APT15, also known as Vixen Panda, have created ChatGPT accounts to facilitate artificial intelligence-based penetration testing, credential brute-forcing, and automated social media activities, according to OpenAI. While other hacking groups tapped the AI chatbot to obtain public information regarding the U.S. Special Operations Command and the country's networking equipment and satellite communications, Russian hackers were observed to have harnessed ChatGPT to develop the ScopeCreep malware, which features privilege escalation and credential theft capabilities. On the other hand, North Korean attackers have utilized ChatGPT to create bogus resumes for the country's massive IT worker scheme, while numerous other attackers exploited the chatbot to generate content for influence operations leading to USAID shutdown and Taiwan backlash, among others, said OpenAI.
