Check Point Software's research division, Check Point Research (CPR) observes that cybercriminals tend to use Telegram bots to bypass ChatGPT restrictions in underground forums. Bots use the OpenAI API to allow malicious emails or code to be generated.
Bot makers currently cover up to 20 free requests, but then charge $5.50 for every 100. CPR warns of ongoing attempts by cybercriminals to circumvent ChatGPT restrictions in order to use OpenAI to scale malicious purposes.
• CPR shares examples of Telegram bots ads
• CPR shares example of phishing created on a Telegram bot with any restriction
• CPR shares sample malware code created in a Telegram bot
Check Point Research (CPR) points out that cybercriminals are using Telegram bots and scripts to bypass ChatGPT restrictions.
Telegram chat ChatGPT Bot-as-a-Service
CPR found Telegram bots advertising on underground forums. Bots use the OpenAI API to allow a threat actor to generate malicious emails or code. The bot's creators offer up to 20 free requests, but then charge $5.50 for every 100.
Image 1. Underground advertising of OpenAI bot on Telegram in forums
Image 2. Phishing example created in a Telegram bot to demonstrate the ability to use the OpenAI API without restrictions
Image 3. Example of the ability to generate abuse-free malware code in a Telegram bot using the OpenAI API
Image 4. API-based ChatGPT channel business operation model
Scripts to bypass ChatGPT restrictions
CPR also observes cybercriminals creating basic scripts that use the OpenAIs API to bypass abuse restrictions.
Image 5. Example script that directly queries the API and bypasses the restrictions for developing malware
Comment: Sergey Shykevich, Threat Group Manager at Check Point Software
“As part of its content policy, OpenAI has created barriers and restrictions to stop the creation of malicious content on its platform. However, we see cybercriminals working around its limitations, and there is active discussion on underground forums revealing how to use the OpenAI API to bypass ChatGPT's barriers and limitations. This is mainly done by creating Telegram bots that use the API and these bots are advertised on hacking forums to increase their exposure. The current version of the OpenAI API is used by external applications and has very few abuse restrictions.
As a result, it allows the creation of malicious content such as phishing emails and malware code without the restrictions or barriers that ChatGPT has placed on their user interface. Right now, we're seeing continued efforts by cybercriminals to find ways around ChatGPT's limitations.”