This new ChatGPT-powered infostealer is targeting cloud platforms

Cloud computing graphics.
(Image credit: Shutterstock / Blackboard)

Hackers have developed a new Python-based infostealer malware that is able to specifically target cloud services. It has a few standout features, such as the integration of Artificial Intelligence (AI) technology. 

A report from SentinelLabs outlined how it discovered the tool named “Predator AI” being advertised and distributed on Telegram channels devoted to hacking. It has a ChatGPT-driven class that was implemented in the Python script, allowing for a chat-like interface. The goal of the implementation, the developer says, is to be less reliant on OpenAI API, while at the same time streamlining the infostealer’s functionalities. 

The tool has more than 11,000 lines of code and a GUI based on Tkinter. 


Reader Offer: $50 Amazon gift card with demo

Reader Offer: $50 Amazon gift card with demo
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.

Preferred partner (What does this mean?

No malicious intent?

As per the report, Predator AI’s goal is to simplify web application attacks against common technologies such as WordPress or AWS SES. The researchers also noted that Predator AI’s code overlaps, in good measure, with AlienFox and Legion, both of which are cloud spamming tools.

The tool is built for educational purposes only, the developer firmly stated, adding that it must not be used for illegal activities. That being said, Predator AI is being actively developed, with the newer versions coming with a Twilio account checker integration.

“While Predator AI is likely somewhat functional, this integration does not substantially increase an attacker’s capability,” the researchers explain. “The feature has not yet been advertised on the actor’s Telegram channel, and there are likely many edge cases that make it unstable and potentially expensive.”

To stay safe from Predator AI and other similar tools, businesses need to keep their systems and endpoints up to date, restrict internet access wherever possible, and deploy cloud security solutions. The researchers also added that having specialized logging and detection mechanisms can be key to spotting unusual activity on cloud services, which can stop potent cyberattacks before they get out of hand. 

More from TechRadar Pro

TOPICS

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.