Cybercriminals are using artificial intelligence in a new era of malware - Help Net Security.

According to Group-IB's 2023/2024 Cybercrime Trends Report, the alliance between ransomware groups and initial access representatives (IABs) continues to be a powerful driver of the cybercrime industry.

The number of companies that had data uploaded to specialized data leakage sites (DLS) increased 74% from last year.

Global threats have also shown an increased interest in Apple platforms, illustrated by a five-fold increase in clandestine sales related to information theft on macOS.

The growing interest of state-sponsored groups, also known as advanced threat groups (APTs), has shown that no region is immune to cyber threats.

Group-IB experts found a 70% increase in the number of public publications offering zero-day exploits for sale, and identified cybercriminals' malicious use of legitimate services and artificial intelligence (AI)-based technologies as the top cyber risks for 2024.

The 2023/2024 Cybercrime Trends Report includes a section that reveals the relationship between artificial intelligence and cyberthreats.

It details how cybercriminals are exploiting this new technology, including the misuse of large language models (LLMs) such as ChatGPT, as well as the potential threats to corporate data when integrating AI.

ChatGPT Threats Threats have already demonstrated how AI can help them develop malware even with limited knowledge of programming languages, create new TTPs and compose persuasive text for use in social engineering attacks, and improve operational performance.

Large language models such as ChatGPT remain widely used, and Group-IB analysts have noticed continued interest in underground forums in hacking ChatGPT and developing specialized generative pre-trained transformers (GPTs), looking for ways to bypass ChatGPT security controls.

Group-IB experts also noted that since mid-2023, four ChatGPT-based tools have been developed to aid cybercriminal activity: WolfGPT, DarkBARD, FraudGPT and WormGPT - each with its own functionality.

FraudGPT and WormGPT are the most discussed tools on underground Telegram forums and channels, focusing on social engineering and phishing.

However, tools such as WolfGPT that focus on code or exploits are less popular because of the difficulty of learning and problems with use.

Nevertheless, their development poses risks for complex attacks.