Malwarebytes Profile picture
Mar 31, 2023 12 tweets 4 min read Read on X
ChatGPT says it won't write ransomware.

It will.

🧵 A snippet of ransomware code generated by ChatGPT.
There's been A LOT of talk about how ChatGPT might revolutionize malware, so we decided to see if it could be used to write ransomware.

When we just asked it to do that, ChatGPT told us it "cannot provide code that is intended to harm or exploit computer systems." Chat GPT says it "cannot provide code that is intended
However, if you build the code up feature by feature, it will happily create code that:

✅ Encypts a file. ChatGPT writes code to encrypt a single file
✅ Encrypts all the files in a directory. ChatGPT writes code that will encrypt all the files in a dir
✅ Deletes the original copies of the files, leaving only the encrypted versions. After some discussion, ChatGPT agrees to delete all the orig
✅ Uses asymetric encryption. ChatGPT modifies its code to use asymetric encryption
✅ Stops running databases, so it can encrypt them. ChatGPT modifies its code so that it stops MS SQL databases
✅ Saves the private key to a remote server. ChatGPT changes its code so the private encryption key is saChatGPT happily switches from SFTP to HTTPS.
✅ Drops ransom notes. ChatGPT changes its code so that it will change the desktop
Thankfully, while ChatGPT can be coaxed into writing code "intended to harm or exploit computer systems," it's not exactly a master criminal.

For now at least, it does half of what you ask, drops features at random, and regularly gives up half way through. ChatGPT replaces some working code with useless placeholders
If you have the knowledge to fix the code ChatGPT created for us, then you don't need ChatGPT.

That may change in future, but we reckon there's still time to beef up those safeguards before we have to worry about script kiddies armed with ChatGPT-written ransomware. An unhappy figure pokes the ChatGPT logo with a stick, sayin
You can read more about how we turned ChatGPT into our "criminal" accomplice here:

malwarebytes.com/blog/news/2023…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Malwarebytes

Malwarebytes Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @Malwarebytes

Nov 13
The holiday shopping season is here and with it so are the scams.

Here are a few fake sites you should look out for.

1/🧵
A PS5 for cheap on TEMU? Just...just don't.

This Facebook ad redirects to a Temu page selling various PlayStation accessories that are not official or approved by Sony. Scammers know it's exciting to find a deal on a hot item and take advantage of thrifty shoppers. Image
Brand impersonation is a common scam tactic.

Fake online stores like this use Amazon’s branding to sell counterfeit products, putting your credit card data at risk.

As always, double check URLs before making any purchases. Image
Read 6 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(