Hacker Infestation Discovered in ChatGPT

ChatGPT’s introduction in November of 2023 also introduced a new attack surface for bad actors. They wasted no time exploiting it, according to an article by Elizabeth Montalbano in Dark Reading. She writes that a vulnerability in OpenAI’s ChatGPT infrastructure gave rise to more than 10,000 exploit attempts in a week coming from one malicious IP address. 

Enterprises in a number of countries were targeted, with the largest share, 33 percent, in the US. Targets in Germany and Thailand each comprised seven percent of the total, with the rest apportioned to Indonesia, Colombia, and the United Kingdom.

Researchers from cybersecurity company Veriti discovered the flaw. The company reports that of the organizations it analyzed, 35 percent were at risk because of misconfigurations within intrusion prevention systems, web application firewalls, and firewall settings. Financial institutions appear to have been the prime targets, but government and healthcare organizations were also attacked. 

The vulnerability, as listed on the National Vulnerability Database of the National Institute of Standards and Technology, “allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the urlparameter.” 

Veriti’s report includes IP addresses from which the ChatGPT attacks were initiated, and it recommends that administrators monitor logs for attack attempts from these IPs as part of their remediation.

Organizations are also advised to check their intrusion prevention systems, web application firewalls, and firewall configurations. 

Recent findings also raise questions about the security of OpenAI’s generative large language model, according to Montalbano. “Indeed,” she writes, “ChatGPT and other chatbots have proven surprisingly easy for attackers to manipulate for nefarious purposes, keeping enterprise security teams on alert.”