What to do with a cloud intrusion toolkit in 2023? Slap a chat assistant on it, duh

2023-11-09 06:56

Infosec bods have detailed an underground cybersecurity tool dubbed Predator AI that not only can be used to compromise poorly secured cloud services and web apps, but has an optional chat-bot assistant that only kinda works.

Predator AI is apparently programmed to be to able to exploit 30 kinds of misconfigured or poorly setup web-based services and technologies, ranging from Amazon Web Services' Simple Email Service, Twilio, and WordPress to OpenCart, Magento, OneSignal, Stripe, and PayPal, SentinelLabs boffin Alex Delamotte explained on Wednesday.

Its optional chat-bot assistant - partially powered by OpenAI's ChatGPT - is likely only "Somewhat functional" at the moment, Delamotte added.

The configurable data-harvesting malware Predator can build can use Discord or Telegram for command-and-control purposes, and a video posted by its developer last month claimed the code is "Fully undetectable."

The extent of GPTj's capabilities is not entirely clear: it looks as though ChatGPT is used to handle basic questions about the tool, and actions are actually handled by the script itself when it recognizes requests from a hardcoded list.

"The actor designed Predator AI to try to find a local solution first before querying the OpenAI API, which reduces the API consumption," Delamotte explained.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/11/09/predatorai_infostealer_chatgpt/

#chat #cloud