SAN FRANCISCO: Meta, the parent company of Facebook, has warned that hackers are using the promise of generative artificial intelligence like ChatGPT to trick people into installing malicious code on devices.
Over the course of the past month, security analysts with the social-media giant have found malicious software posing as ChatGPT or similar AI tools, chief information security officer Guy Rosen said on Wednesday.
“The latest wave of malware campaigns has taken notice of generative AI technology that has been capturing people’s imagination and everyone’s excitement,” Rosen said.
Meta, which also owns Instagram and WhatsApp, says it has seen “threat actors” hawk internet browser extensions that promise generative AI capabilities but contain malicious software designed to infect devices, according to Rosen.
In general, it is common for hackers to bait their traps with attention-grabbing developments, tricking people into clicking on booby-trapped web links or downloading programs that steal data.
“We’ve seen this across other topics that are popular, such as crypto scams fuelled by the immense interest in digital currency,” Rosen said.
“From a bad actor’s perspective, ChatGPT is the new crypto.”
Meta has found and blocked more than a thousand web addresses that are touted as promising ChatGPT-like tools but are actually traps set by hackers, according to the tech firm’s security team.
Meta has yet to see generative AI used as more than bait by hackers, but is bracing for the inevitability that it will be used as a weapon, Rosen said.
“Generative AI holds great promise and bad actors know it, so we should all be very vigilant to stay safe,” he said.
At the same time, Meta teams are working on ways to use generative AI to defend against hackers and deceitful online influence campaigns.
“We have teams that are already thinking through how (generative AI) could be abused, and the defences we need to put in place to counter that,” Meta head of security policy Nathaniel Gleicher said.
“We’re preparing for that.”
