OpenAI has shut down five accounts that were allegedly being used by government agents from China, Iran, Russia, and North Korea. According to OpenAI, these accounts were being used to generate phishing emails, write malicious software scripts, and conduct research on evading malware detection. The company, backed by Microsoft, worked with its sponsor to identify and deactivate the accounts. The terminated accounts include two China-affiliated threat actors known as Charcoal Typhoon and Salmon Typhoon, Iran-affiliated Crimson Sandstorm, North Korea-affiliated Emerald Sleet, and Russia-affiliated Forest Blizzard. OpenAI clarified that its models have limited capabilities for conducting malicious cybersecurity tasks and that they make efforts to prevent misuse through filtering requests. Microsoft’s Threat Intelligence team also provided its analysis of the activities carried out by these accounts. Chinese threat actors used OpenAI’s models to research specific companies and intelligence agencies, while Iranian actors sought to evade malware detection and develop phishing attacks. North Korean actors used the AI lab to find information on defense issues and public vulnerabilities, and Russian actors researched open source satellite and radar imaging technology. OpenAI previously downplayed the ability of its models to aid attackers, stating that they perform poorly at crafting exploits for known vulnerabilities.
OpenAI halts nation-state cyber-crews; accounts turned off
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-96.png)
Latest from News
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-123-720x480.png)
UK Firms Unite for Cybersecurity Success
TLDR: Yahoo is part of the Yahoo brand family, which includes Yahoo and AOL. When using Yahoo sites and applications, Cookies are used for
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-14-720x480.jpg)
PKfail vulnerability lets hackers install UEFI malware on 200+ devices
TLDR: PKfail vulnerability affects over 200 device models, compromising Secure Boot. Exploiting the vulnerability allows attackers to install UEFI malware. Article Summary: The PKfail
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-121-720x480.png)
OpenStack Nova flaw lets hackers infiltrate cloud servers without permission
TLDR: A vulnerability in OpenStack’s Nova component, tracked as CVE-2024-40767, allows hackers to gain unauthorized access to cloud servers. The vulnerability affects multiple versions
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-40-720x480.jpg)
CrowdStrike alert: New phishing scam targets German customers
TLDR: – CrowdStrike warns of a new phishing scam targeting German customers. – Malicious installers distributed via a fake website impersonating a German entity.
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-36-720x480.jpg)
Beware: NKorea Cyber Op Targets Military, Nuclear Secrets in UK, US, SKorea
Article Summary TLDR: UK, US, and S. Korea issued a warning about a North Korea-backed cyber espionage campaign The group Andariel has been targeting