ChatGPT-aided ransomware in China results in four arrests as AI raises cybersecurity concerns
- The case is the first of its kind in China, where OpenAI’s popular chatbot is not officially available and Beijing has been cracking down on foreign AI
- Generative AI has raised a number of concerns around cybersecurity and intellectual property this year, forcing regulators to consider ways to respond
The attack was first reported by an unidentified company in Hangzhou, capital of eastern Zhejiang province, which had its systems blocked by ransomware, according to a Thursday report by state-run Xinhua News Agency. The hackers demanded 20,000 Tether, a cryptocurrency stablecoin pegged one-to-one to the US dollar, to restore access.
The police in late November arrested two suspects in Beijing and two others in Inner Mongolia, who admitted to “writing versions of ransomware, optimising the program with the help of ChatGPT, conducting vulnerability scans, gaining access through infiltration, implanting ransomware, and carrying out extortion”, the report said.
After OpenAI introduced its chatbot at the end of 2022, igniting an arms race in the field among tech giants, ChatGPT and similar products gained interest among Chinese users. However, OpenAI has blocked internet protocol addresses in China, Hong Kong and sanctioned markets like North Korea and Iran. Some users get around restrictions using virtual private networks (VPNs) and a phone number from a supported region.
On the commercial side, there are “compliance risks” for domestic companies that build or rent VPNs to access OpenAI’s services, including ChatGPT and text-to-image generator Dall-E, according to a report by law firm King & Wood Mallesons.
