Ransomware Attack in Hangzhou Leads to Arrests and Raises AI Concerns in China

By Charles Joseph | Cybersecurity Researcher
Published on December 29th, 2023

Hangzhou, Zhejiang Province – An unprecedented cybercrime incident involving AI-powered ransomware recently unfolded in Hangzhou, the bustling capital of eastern China’s Zhejiang province. An unidentified company fell victim to a sophisticated ransomware attack, with the perpetrators demanding a hefty ransom of $20,000, payable in the cryptocurrency Tether, to unlock and restore the company’s compromised systems.

In a swift response, Chinese law enforcement authorities successfully apprehended four suspects linked to the crime. Two of these arrests occurred in the nation’s capital, Beijing, with the remaining two taking place in the autonomous region of Inner Mongolia. These individuals, labeled as “GPT criminals” in the police reports, confessed to a range of cybercriminal activities. Their operations included writing ransomware programs, optimizing them with the assistance of OpenAI’s ChatGPT, conducting vulnerability scans, infiltrating systems, implanting ransomware, and carrying out extortion schemes. However, the police report has not clarified if the utilization of ChatGPT directly forms part of the criminal charges.

This incident has spotlighted China’s stringent stance against foreign-based AI technologies, particularly ChatGPT. Despite its popularity worldwide, ChatGPT remains officially unavailable in China. The Chinese government has banned this particular AI tool and is considering extending the prohibition to encompass any applications that incorporate similar AI programs. This policy coincides with China’s push to develop and promote its own AI technologies. Baidu’s Ernie Bot, a ChatGPT-like AI that has rapidly garnered over 100 million users, is a notable success in this regard.

Despite OpenAI’s efforts to block IP addresses from China, Hong Kong, North Korea, Iran, and other sanctioned markets, determined users have found ways to circumvent these restrictions. They primarily use virtual private networks (VPNs) and phone numbers from regions where OpenAI’s services are officially supported.

The misuse of AI extends beyond ransomware. According to Sophos researchers, while AI tools, including illicit clones of ChatGPT designed for malicious purposes, are present in the cybercrime landscape, they have not significantly transformed the scene. However, generative AI is increasingly being deployed in deceptive practices. Hiya researchers highlight the use of voice-cloning technology in scams, where perpetrators impersonate relatives or officials to dupe victims.

Additionally, two separate incidents further underline the challenges posed by the misuse of AI. In May, authorities in Gansu province arrested an individual for using ChatGPT to generate and disseminate fake news about a train crash. Another case in August saw the arrest of six people in Hong Kong who used deepfake technology to forge identification documents, which were then used in loan scams targeting various banks.
