OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks

OpenAI recently announced that it has disrupted three distinct hacker clusters that were using ChatGPT to assist in malicious operations. One cluster, tied to Russian-speaking groups, leveraged multiple accounts to prototype and refine a remote access trojan (RAT) and a credential stealer. Though the models refused direct requests for harmful code, the attackers worked around this by asking for modular building blocks—like obfuscation routines, clipboard monitoring, and data exfiltration scripts—to assemble their tools.

Another cluster originated in North Korea and overlapped with a campaign targeting diplomatic missions in South Korea. These actors used ChatGPT for tasks such as designing macOS Finder extensions, configuring VPN setups for Windows servers, converting browser extensions, and composing phishing campaigns. Their activities ranged across malware and command-and-control development, in-memory execution strategies, API hooking, and credential theft methods.

The third cluster, linked to Chinese threat actors (also tracked as “UNK_DropPitch” or UTA0388), used ChatGPT to support phishing operations aimed at the semiconductor and investment sectors. They generated multilingual phishing content, expedited routine tooling tasks (remote execution, traffic obfuscation, HTTPS protections), and hunted for code and techniques in open-source repositories. OpenAI described this group as technically capable, albeit not deeply sophisticated.

Beyond these three, OpenAI also disrupted accounts tied to scam networks in countries like Cambodia, Myanmar, and Nigeria that used ChatGPT for investment scams, translations, and social media content generation. Other accounts connected to influence operations employed ChatGPT to analyze and generate social media content, including posts aimed at minority groups and political narratives. Some users even attempted to suppress telltale AI writing patterns—for example by removing em-dashes—from generated content to avoid detection.

In issuing its report, OpenAI emphasized that while its models blocked direct generation of malicious content, threat actors have adapted by breaking down their needs into smaller, allowed requests. The company views this as an evolution in adversarial tactics—where attackers use AI not as a blunt instrument, but incrementally to gain efficiencies in their existing workflows. At the same time, OpenAI’s actions demonstrate how AI providers might proactively monitor and mitigate abuse of their platforms.