Chatbots exploited: Cybercriminals target new AI vulnerabilities
Chatbots are helpful tools that can be creatively employed. However, they also present an opportunity for cybercriminals, who are already exploiting DeepSeek, a Chinese LLM that competes with ChatGPT.
Artificial intelligence offers new possibilities. AI tools can enhance the work, but these benefits come with risks. It is not without reason that creators of platforms like ChatGPT continually work to improve security systems. Currently, the creators of Qwen and DeepSeek adopt a less rigorous approach to this issue—indeed, the latter language model can even advise on committing theft.
Hidden internet forums are rife with guides detailing using modern AI to produce harmful content, bypass security mechanisms, and breach protective systems. Cybercriminals have already developed detailed instructions on jailbreaking, a technique that removes the restrictions imposed on artificial intelligence models, allowing them to generate uncensored content.
New AI tools targeted by hackers
Experts at Check Point Research have identified four ways hackers exploit new AI models. Cybercriminals use Qwen to create advanced software for stealing confidential data. This enables them to intercept information such as payment card details, login credentials, and user passwords, which they can trade on the black market.
Techniques such as "Do Anything Now" or "Plane Crash Survivors" allow cybercriminals to manipulate AI models, compelling them to create content that would typically be blocked. Consequently, artificial intelligence can help write malicious software and prepare attacks on computer systems.
Artificial intelligence versus banks
New attack methods enable cybercriminals to bypass bank anti-fraud systems. Experts at Check Point Research have found that hackers share methods for interception of transactions and circumvention of security measures in financial institutions.
Cybercriminals use the capabilities of ChatGPT, Qwen, and DeepSeek to enhance spamming scripts. As a result, their activities become more effective and more complicated to detect by spam filtering systems.
New tools are evidently both an opportunity and a threat on a global scale. Technology companies must implement effective protective mechanisms to halt the growing wave of threats.
