{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,23]],"date-time":"2026-04-23T10:14:07Z","timestamp":1776939247611,"version":"3.51.4"},"reference-count":39,"publisher":"Frontiers Media SA","license":[{"start":{"date-parts":[[2023,9,4]],"date-time":"2023-09-04T00:00:00Z","timestamp":1693785600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["frontiersin.org"],"crossmark-restriction":true},"short-container-title":["Front. Comms. Net."],"abstract":"ChatGPT has garnered significant interest since its release in November 2022 and it has showcased a strong versatility in terms of potential applications across various industries and domains. Defensive cybersecurity is a particular area where ChatGPT has demonstrated considerable potential thanks to its ability to provide customized cybersecurity awareness training and its capability to assess security vulnerabilities and provide concrete recommendations to remediate them. However, the offensive use of ChatGPT (and AI-powered conversational agents, in general) remains an underexplored research topic. This preliminary study aims to shed light on the potential weaponization of ChatGPT to facilitate and initiate cyberattacks. We briefly review the defensive usage of ChatGPT in cybersecurity, then, through practical examples and use-case scenarios, we illustrate the potential misuse of ChatGPT to launch hacking and cybercrime activities. We discuss the practical implications of our study and provide some recommendations for future research.<\/jats:p>","DOI":"10.3389\/frcmn.2023.1220243","type":"journal-article","created":{"date-parts":[[2023,9,4]],"date-time":"2023-09-04T11:14:56Z","timestamp":1693826096000},"update-policy":"https:\/\/doi.org\/10.3389\/crossmark-policy","source":"Crossref","is-referenced-by-count":17,"title":["When ChatGPT goes rogue: exploring the potential cybersecurity threats of AI-powered conversational chatbots"],"prefix":"10.3389","volume":"4","author":[{"given":"Farkhund","family":"Iqbal","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Faniel","family":"Samsom","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Faouzi","family":"Kamoun","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"\u00c1ine","family":"MacDermott","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1965","published-online":{"date-parts":[[2023,9,4]]},"reference":[{"key":"B1","unstructured":"DeepDGA: adversarially-tuned domain generation and detection\n AndersonH. S.\n WoodbridgeJ.\n FilarB.\n 2016"},{"key":"B2","doi-asserted-by":"publisher","first-page":"61","DOI":"10.47893\/ijssan.2022.1221","article-title":"Prevention of phishing attacks using AI-based cybersecurity awareness training","volume":"3","author":"Ansari","year":"2022","journal-title":"Int. J. Smart Sens. Adhoc Netw."},{"key":"B3","doi-asserted-by":"publisher","DOI":"10.2139\/ssrn.4341500","article-title":"Is ChatGPT leading generative AI? What is beyond expectations?","author":"Ayd\u0131n","year":"2023","journal-title":"SSRN Electron. J"},{"key":"B4","doi-asserted-by":"crossref","DOI":"10.1145\/3052973.3053037","article-title":"Scaling and effectiveness of email masquerade attacks","author":"Baki","year":"2017"},{"key":"B5","unstructured":"OpwnAI: AI that can save the day or HACK it away\n Ben-MosheS.\n GekkerG.\n CohenG.\n 2022"},{"key":"B6","doi-asserted-by":"publisher","first-page":"122","DOI":"10.3390\/info10040122","article-title":"A survey of deep learning methods for cyber security","volume":"10","author":"Berman","year":"2019","journal-title":"Information"},{"key":"B7","unstructured":"Language models are few-shot learners CoRR\n BrownT. B.\n MannB.\n RyderN.\n SubbiahM.\n KaplanJ.\n DhariwalP.\n 2020"},{"key":"B8","unstructured":"Sparks of artificial general intelligence: early experiments with GPT-4\n BubeckS.\n ChandrasekaranV.\n EldanR.\n GehrkeJ.\n HorvitzE.\n KamarE.\n 2023"},{"key":"B9","volume-title":"Scamming the scammers: using ChatGPT to reply mails for wasting time and resources","author":"Cambiaso","year":"2023"},{"key":"B10","unstructured":"Opwnai: cybercriminals starting to use ChatGPT2023"},{"key":"B11","unstructured":"Machine generated text: a comprehensive survey of threat models and detection methods\n CrothersE.\n JapkowiczN.\n ViktorH.\n 2023"},{"key":"B12","doi-asserted-by":"publisher","DOI":"10.31873\/IJEAS.10.1.01","article-title":"Are ChatGPT and deepfake algorithms endangering the cybersecurity industry? A review","volume":"10","author":"Dash","year":"2023","journal-title":"Int. J. Eng. Appl. Sci. (IJEAS)"},{"key":"B13","unstructured":"Is ChatGPT boon or bane for cyber risk management?\n GaurK.\n 2023"},{"key":"B14","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-030-14687-0_8","volume-title":"Community targeted phishing: a middle ground between massive and spear phishing through Natural Language generation","author":"Giaretta","year":"2020"},{"key":"B15","unstructured":"ChatGPT vs. Google search: in head-to-head battle, which one is smarter? [online] PCMAG\n GriffithE.\n 2023"},{"key":"B16","doi-asserted-by":"publisher","first-page":"100089","DOI":"10.1016\/j.tbench.2023.100089","article-title":"An era of ChatGPT as a significant futuristic support tool: a study on features, abilities, and challenges","volume":"2","author":"Haleem","year":"2023","journal-title":"BenchCouncil Trans. Benchmarks, Stand. Eval."},{"key":"B17","unstructured":"Unlocking the potential of ChatGPT: a comprehensive exploration of its applications, advantages, limitations, and future directions in Natural Language Processing\n HaririW.\n 2023"},{"key":"B18","unstructured":"How ChatGPT will change cybersecurity\n KaminskyS.\n 2023"},{"key":"B19","first-page":"1","article-title":"AI and machine learning: a mixed blessing for cybersecurity","author":"Kamoun","year":"2020"},{"key":"B20","unstructured":"How to bypass ChatGPT\u2019s content filter: 4 simple ways\n KenglyR.\n 2023"},{"key":"B21","unstructured":"DeepLocker concealing targeted attacks with AI locksmithing\n KiratD.\n JangJ.\n StoecklinM.\n 2018"},{"key":"B22","unstructured":"I used GPT-3 to find 213 security vulnerabilities in a single codebase medium\n KochC.\n 2023"},{"key":"B23","volume-title":"Fundamentals of generative large language models and perspectives in cyber-defense","author":"Kucharavy","year":"2023"},{"key":"B24","doi-asserted-by":"crossref","DOI":"10.5121\/ijci.2023.120207","volume-title":"Chatbots in a botnet world","author":"McKee","year":""},{"key":"B25","doi-asserted-by":"publisher","first-page":"77","DOI":"10.5121\/ijci.2023.120207","article-title":"Chatbots in a botnet world","volume":"12","author":"McKee","year":"","journal-title":"Int. J. Cybern. Inf."},{"key":"B26","doi-asserted-by":"publisher","first-page":"65","DOI":"10.52866\/ijcsm.2023.01.01.0019","article-title":"Towards artificial intelligence-based cybersecurity: the practices and ChatGPT generated ways to combat cybercrime","volume":"4","author":"Mijwil","year":"2023","journal-title":"Iraqi J. Comput. Sci. Math."},{"key":"B27","unstructured":"I built a Zero Day virus with undetectable exfiltration using only ChatGPT prompts\n MulgrewA.\n 2023"},{"key":"B28","unstructured":"91 important ChatGPT statistics & user numbers in april 2023 (GPT-4, plugins update) - nerdy nav\n NavN.\n 2022"},{"key":"B29","unstructured":"How hackers might be exploiting ChatGPT CyberNews\n Okunyt\u0117P.\n 2023"},{"key":"B30","unstructured":"GPT-4 technical report2023"},{"key":"B31","unstructured":"Introducing ChatGPT. [online] OpenAI2022"},{"key":"B32","unstructured":"Weaponizing machine learning: humanity was overrated anyway bishop fox\n PetroD.\n MorrisB.\n 2017"},{"key":"B33","unstructured":"Improving Language understanding by generative pre-training\n RadfordA.\n NarasimhanK.\n SalimansT.\n SutskeverI.\n 2018"},{"key":"B34","unstructured":"ChatGPT: a tool for offensive cyber operations?! Not so fast!\n RodriguezJ.\n 2023"},{"key":"B35","doi-asserted-by":"publisher","first-page":"1","DOI":"10.4018\/ijsppc.320225","article-title":"Do ChatGPT and other AI chatbots pose a cybersecurity risk?","volume":"15","author":"Sebastian","year":"2023","journal-title":"Int. J. Secur. Priv. Pervasive Comput."},{"key":"B36","volume-title":"Wire me through machine learning","author":"Singh","year":"2017"},{"key":"B37","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.compeleceng.2019.06.012","article-title":"Analysis of operating system identification via fingerprinting and machine learning","volume":"78","author":"Song","year":"2019","journal-title":"Comput. Electr. Eng."},{"key":"B38","doi-asserted-by":"publisher","first-page":"1543","DOI":"10.1007\/s10462-022-10205-5","article-title":"Survey on reinforcement learning for language processing","volume":"56","author":"Uc-Cetina","year":"2022","journal-title":"Artif. Intell. Rev."},{"key":"B39","unstructured":"2021 Cyber security threat trends-phishing, crypto top the list\n UmbrellaC.\n 2021"}],"container-title":["Frontiers in Communications and Networks"],"original-title":[],"link":[{"URL":"https:\/\/www.frontiersin.org\/articles\/10.3389\/frcmn.2023.1220243\/full","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,9,4]],"date-time":"2023-09-04T11:15:05Z","timestamp":1693826105000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.frontiersin.org\/articles\/10.3389\/frcmn.2023.1220243\/full"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,9,4]]},"references-count":39,"alternative-id":["10.3389\/frcmn.2023.1220243"],"URL":"https:\/\/doi.org\/10.3389\/frcmn.2023.1220243","relation":{},"ISSN":["2673-530X"],"issn-type":[{"value":"2673-530X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,9,4]]},"article-number":"1220243"}}