OpenAI’s latest threat report reveals the alarming extent to which state-sponsored hackers from North Korea and China exploited its ChatGPT platform for cyberattacks

Continue reading
OpenAI’s latest threat report reveals the alarming extent to which state-sponsored hackers from North Korea and China exploited its ChatGPT platform for cyberattacks, surveillance, and disinformation campaigns—exposing critical gaps in the AI giant’s ability to proactively safeguard its technology. While the company claims to have banned malicious accounts linked to notorious hacking groups, cybersecurity experts criticize OpenAI’s delayed response and overreliance on external partners to detect threats, raising urgent questions about the security of AI systems in an era of escalating digital warfare.
In its February 2025 report, OpenAI disclosed it blocked multiple North Korean hacking collectives, including VELVET CHOLLIMA (Kimsuky) and STARDUST CHOLLIMA (APT38), which weaponized ChatGPT to refine cyberattacks. These actors used the AI to research vulnerabilities, debug malicious code, and craft phishing schemes targeting cryptocurrency platforms—a key revenue stream for the sanctions-starved Pyongyang regime. Notably, hackers sought coding assistance for brute-force RDP attacks, PowerShell scripts to obfuscate malware, and methods to bypass security protocols.
Critically, OpenAI detected these activities only after an unnamed industry partner flagged suspicious accounts, underscoring weaknesses in its internal monitoring. “This reactive approach is a red flag,” said Mira Jang, a threat analyst at SentinelOne. “State actors operated freely until third-party intel arrived. Where was OpenAI’s proprietary detection?”
Equally troubling was OpenAI’s admission that North Korean operatives infiltrated Western companies by posing as freelance IT workers. Using ChatGPT, they generated cover stories to explain odd behaviors—like avoiding video calls or logging in from unauthorized regions—while secretly funneling income to the regime. “They exploited AI to evade scrutiny while embedding themselves in corporate systems,” the report stated. Experts argue this highlights broader risks of AI-enabled social engineering.
OpenAI also disrupted Chinese-linked operations “Peer Review” and “Sponsored Discontent,” which leveraged ChatGPT to develop surveillance tools and spread Spanish-language anti-American content. These campaigns followed OpenAI’s October 2024 report, which detailed over 20 disrupted influence operations tied to Iran and China—suggesting persistent abuse by adversarial states.
While OpenAI shared detected malicious binaries with security vendors, enabling broader protection, critics note the damage was already done. “Why were these staging URLs and executables unknown until OpenAI stumbled upon them?” asked Javier Ortiz of the Cybersecurity Initiative. “This isn’t a victory—it’s a testament to flawed safeguards.”
The report’s timing further fuels skepticism. Despite boasting about banning accounts “since October 2024,” the delayed February 2025 disclosure implies months of unchecked exploitation. “AI companies must prioritize real-time threat hunting, not retrospective pats on the back,” Ortiz added.
The incidents underscore AI’s dual-use dilemma: while ChatGPT aids productivity, its misuse for phishing, malware, and disinformation poses existential risks. “OpenAI’s policies are reactive bandaids, not proactive shields,” said Karen Lee, an AI ethics researcher. “Without robust, real-time content moderation and behavioral analytics, platforms become playgrounds for adversaries.”
OpenAI defended its actions, stating it “continually updates systems to counter abuse,” but admitted challenges in balancing openness with security. The company has not disclosed plans to overhaul its detection infrastructure or collaborate more deeply with global cybersecurity agencies.

148 malicious npm packages masquerading as student proxy and school Wi-Fi bypass tools. Rather than compromising developers during installation