BlackMamba or how ChatGPT writes malware

This part is technically feasible.

3) How to connect it all?

Here it is enough to create a list of prompts that the program will execute sequentially. Such text will weigh very little, which will not be too remarkable.

4) Can malware written in Python exist? They are also written in C/C++/Delphi/other jap!

Although antiviruses detect viruses in Python in most cases, there are still examples of writing viable viruses that successfully infected devices:

  • 2015 – PWOBot and Seaduke backdoor;

  • 2017 — Dr.Web employees discovered Python.BackDoor.33;

  • May 8, 2019 – Mac.BackDoor.Siggen.20 was spotted;

  • 2020 – PoetRAT Trojan;

  • and others…

As you can see, over time, the Python language is becoming more and more popular: a low entry threshold, ease of use, and high development speed. And with this, there are more and more programs written on it. At the same time, when the entry threshold for writing malware in C remains too high, it is not surprising that most of these malware have become written in Python.

5) About the delivery of malware or about “Oh, yes, I will never fall for this!”

Now, on the wave of hype around neural networks, there are a lot of all sorts of projects that can fall on both ordinary people who do not understand all this, and techies. And although there are manuals on how to put Alpaca or Dolly on your system unit, how many of you looked at this code for a strange code? Or they just downloaded it for themselves, without looking at what it all consists of. There are also a huge number people – not techieswho will say that “This manual is too complicated for me!” or “Too many letters, I want to press two buttons and everything is ready!”, and download some executable from the noname of the site, so as not to worry about the installation. And even if it actually performs its functions, it is not a fact that it will be safe.

Actually, this article was written in order to remind you that you should not lose your head during the general hype around neural networks. And that a new kind of malware has emerged, based on AI.

And after such a practical analysis, we can conclude that the implementation of such malware has a place to be in the modern world. That cannot be terrifying.

Thoughts on the future

While writing this article, one thought came to mind: Over the past 20 years, technology has made a huge breakthrough (and I hope it hasn’t finished breaking further), and from some 512 MB of RAM has grown to 32-128 GB in a PC alone, with ~20 GB of storage in the 2000s to a few TB in the present, from GeForce 2 to GeForce RTX 4090, and so on. And if previously there were popular malware in C, which weighed 200 kilobytes, then the popularity of malware in Python, weighing 20 megabytes, is not surprising. After all, what do these 20 megabytes mean for a modern user? — 20 pictures in PNG format; or three books in PDF format; or a 3-minute video; I don’t talk about software at all, the same Photoshop installer weighs 320 megabytes, but what about games? Atomic Heart weighs 78 gigabytes.

Why am I? Initially, when I saw the title of the article about BlackMamba, I thought: did they really make a virus a la Alpaca and fit it on a regular PC? For example, for the same 6-7bit versions, you need at least 5-6 GB of RAM, if this was run on a laptop with 8 GB of RAM, then it would be noticeable that the program is eating too much RAM. But in fact it was just a program running on the OpenAI API. However, over time, 5-10 years, a normal PC can default to 64 and 128 GB of RAM, and launching a full-fledged malicious neural network on the victim’s device will not be unusual. Only now, it will be possible if such a default PC requires such a huge amount of RAM. And it seems to me that even in time we will have enough of the same capacities that we have now. But one way or another, I believe that it is necessary to take action to detect such malicious programs now, otherwise it will be too late later.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *