ChatGPT AI Malware Used to Bypass EDR
March 20th, 2023
It was only a matter of time before ChatGPT introduced a slew of problems for cybersecurity. A researcher has used ChatGPT to develop polymorphic malware that successfully bypasses EDR (Endpoint Detection and Response) tools.
Polymorphic malware is a type of malicious software that changes its code and appearance every time it replicates or infects a new system. This makes it much more difficult to detect and analyze because the malware appears different each time it infects a system, even though it performs the same functions.
This AI-powered polymorphic malware, BlackMamba, can gather sensitive data such as usernames, credit card numbers, passwords, and other confidential data entered by a user into their device.
Once the data is captured, BlackMamba uses a webhook in an application such as MS Teams to transfer it to the attacker's Teams channel, from where it can be sold on the dark web or used for other criminal purposes.
Attackers can use ChatGPT to modify the code to make it more elusive. Although the techniques remain the same, ChatGPT gives attackers significant advantages in evasion, allowing broader reach and deeper penetration and resulting in a more devastating outcome.
Acreto Ecosystem security addresses this challenge by:
- Providing a dedicated security infrastructure per application or use case. This means that only users, devices, systems and applications that need to interoperate can interconnect and have access, regardless of the type of technology, its location, network or ownership. All other technologies are automatically isolated without any additional effort.
- Implementing a positive security model, despite the constantly evolving polymorphic threats. Only communications that meet the criteria for network protocol and port, application protocol and application program are allowed. All other communications are excluded. Malware, especially ransomware, cannot emulate application programs.
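
The contrast between matching known-bad signatures and the positive security model described above, as an added example that is not from the original article and is not Acreto's implementation. The rule fields, program names and sample bytes are constructed, and the program identity is assumed to be reported reliably by the enforcement point.

```python
import hashlib
from dataclasses import dataclass

# Every name and value here is constructed for illustration.

@dataclass(frozen=True)
class Rule:
    program: str        # application program allowed to communicate
    transport: str      # network protocol
    port: int           # network port
    app_protocol: str   # application protocol

@dataclass(frozen=True)
class Flow:
    observed: Rule      # what the enforcement point saw (assumed reliable)
    image: bytes        # stand-in for the bytes of the sending program

# Positive model: the only communications that are allowed.
ALLOW = frozenset({Rule("teams.exe", "tcp", 443, "https")})

# Negative model: hashes of samples that have already been seen and flagged.
KNOWN_BAD = frozenset({hashlib.sha256(b"variant-1").hexdigest()})

def signature_allows(flow: Flow) -> bool:
    """Blocklist: allow unless the program's hash is already known."""
    return hashlib.sha256(flow.image).hexdigest() not in KNOWN_BAD

def positive_allows(flow: Flow) -> bool:
    """Allowlist: allow only when all four criteria match a rule."""
    return flow.observed in ALLOW

def evaluate(flows: dict) -> dict:
    """Return {name: (signature verdict, positive-model verdict)}."""
    return {n: (signature_allows(f), positive_allows(f)) for n, f in flows.items()}

SAMPLE_FLOWS = {
    "approved client": Flow(Rule("teams.exe", "tcp", 443, "https"), b"teams"),
    # Same behaviour, different bytes: only the first hash is on the blocklist.
    "known variant": Flow(Rule("unknown.exe", "tcp", 443, "https"), b"variant-1"),
    "rewritten variant": Flow(Rule("unknown.exe", "tcp", 443, "https"), b"variant-2"),
    # Approved program on an unapproved port is still outside the allowlist.
    "approved program, odd port": Flow(Rule("teams.exe", "tcp", 8080, "https"), b"teams"),
}

if __name__ == "__main__":
    for name, (sig, pos) in evaluate(SAMPLE_FLOWS).items():
        print(name, "| signature:", "allow" if sig else "block",
              "| positive:", "allow" if pos else "block")
```

The rewritten variant passes the hash blocklist because its bytes changed, but the allowlist still denies it because its program is not among the approved criteria.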
Acreto Ecosystems secure any technology, on any network, anywhere. An Ecosystem provisions in 5 minutes and deploys in around 2 hours without the need for products, logistics and hard-to-find experts. Contact Acreto today for more information or to evaluate Ecosystem security for your organization.