OpenAI Says China-Backed Phishing Attempt Targeted Employees

OpenAI says hackers connected to the Chinese government attempted a phishing attack on its employees.

The artificial intelligence (AI) company revealed the attempt Wednesday (Oct. 9) in a report on its attempts to prevent “the disruptive uses” of its technology.

Earlier this year, the report said, OpenAI disrupted a “suspected China-based threat actor” known as “SweetSpecter” as it attempted to spear phish its employees by posing as a ChaptGPT user seeking support.

Spear phishing is a type of phishing scam that employs a more targeted approach to getting personal information via email. The report said that those support request emails contained malware designed to steal sensitive information.

“OpenAI’s security team contacted employees who were believed to have been targeted in this spear phishing campaign and found that existing security controls prevented the emails from ever reaching their corporate emails,” the report said.

In addition, the report also touches on propaganda efforts to use ChatGPT to influence elections around the world.

For example, the company in August disrupted a “covert Iranian influence operation” that generated social media comments and long-form articles about the U.S. election, alongside topics such as the conflict in Gaza, Western policies toward Israel and political issues in Scotland and Venezuela.

“So far this year, we have not observed any cases of election-related influence operations attracting viral engagement or building sustained audiences through their use of our models,” the report added.

The company in February revealed that, working with its partner and largest investor Microsoft, it had blocked five state-affiliated attacks: two connected to China, the others with ties to North Korea, Iran and Russia.

OpenAI’s latest report came two days after the National Security Agency (NSA) said it was taking part in a larger investigation into whether Chinese hackers have targeted American telecommunications companies. China’s embassy in Washington has rejected this claim.

This year has seen a number of reports on threats to U.S. critical infrastructure. For example, last month brought the news that a hacking campaign dubbed “Salt Typhoon” was targeting sensitive information and had breached some American internet service providers.

This hack involved an incursion into U.S. broadband networks, with cybercriminals establishing a foothold with the network that gave them access to data stored by telecommunications companies or carry out cyberattacks.

“This would be an alarming — but not really surprising — expansion of their malicious use of cyber to gain the upper hand over the United States,” Glenn Gerstell, former general counsel at the NSA, told The Wall Street Journal in September.