Group-IB reveals surge in ransomware against backdrop of growing AI threats


Group-IB has launched its new report Hi-Tech Crime Trends 2023/2024, the latest edition of the company’s annual round-up of the most pressing global cyberthreats to organisations and individuals.

In the research, Group-IB analysts reveal how the unholy alliance between ransomware groups and Initial Access Brokers (IABs) remains the powerful engine of the cybercriminal industry, evidenced by the 74% year-on-year increase in the number of companies that had their data uploaded to dedicated leak sites (DLS).

Global threat actors also demonstrated increased interest in Apple platforms, exemplified by the fivefold increase in underground sales related to macOS information stealers.

The growing appetite of nation-state-sponsored threat actors, also known as advanced persistent threat (APT) groups, has shown that no region is immune to cyberthreats. Group-IB experts discovered a 70% increase in the number of public posts offering zero-day exploits for sale, and also identified cybercriminals’ malicious use of legitimate services and AI-infused technologies as the main cyber-risks for 2024.

The first edition of Hi-Tech Crime Trends was launched 12 years ago, and the information contained in the report enables businesses, NGOs, governments and law enforcement agencies to fight cybercrime and help potential victims.

For the first time, the report includes a section on the intricate relationship between AI and cybersecurity threats, outlining how this new technology is being leveraged by cybercriminals, including the misuse of large language models (LLMs) such as ChatGPT, and the potential risks to corporate data through AI integration.

Threat actors have already shown how AI can help them develop malware with only limited knowledge of programming languages, brainstorm new TTPs, compose convincing text for use in social engineering attacks, and increase their operational productivity.

Large language models (LLMs) such as ChatGPT remain in widespread use, and Group-IB analysts have observed continued interest on underground forums in ChatGPT jailbreaking and specialised generative pre-trained transformer (GPT) development, with users looking for ways to bypass ChatGPT’s security controls. Group-IB experts have also noticed how, since mid-2023, four ChatGPT-style tools have been developed for the purpose of assisting cybercriminal activity: WolfGPT, DarkBARD, FraudGPT, and WormGPT – all with different functionalities.

FraudGPT and WormGPT are highly discussed tools on underground forums and Telegram channels, tailored for social engineering and phishing. Conversely, tools like WolfGPT, focusing on code or exploits, are less popular due to training complexities and usability issues. Yet, their advancement poses risks for sophisticated attacks.

Group-IB’s Hi-Tech Crime Trends 2023/2024 also highlighted the sale of compromised ChatGPT credentials on the Dark Web, building upon past research. With more employees relying on ChatGPT for work optimisation and its storage of past interactions, compromised logins could expose sensitive information, posing significant security risks for businesses. From January 2023 to October 2023, Group-IB detected more than 225,000 logs up for sale on the Dark Web containing compromised ChatGPT credentials. Group-IB’s Threat Intelligence platform found these compromised credentials within the logs of information-stealing malware traded on illicit Dark Web marketplaces. 
