• Business

    Hackers are using GPT-4 to build a virtual assistant – here’s what we know

    AnyFans Posted on

    By Sead Fadilpašić

    Copyright techradar

    Hackers are using GPT-4 to build a virtual assistant - here's what we know

    Skip to main content

    Tech Radar Pro

    Tech Radar Gaming

    Close main menu

    the business technology experts

    België (Nederlands)

    Deutschland

    North America

    US (English)

    Australasia

    New Zealand

    View Profile

    Search TechRadar

    Expert Insights

    Website builders

    Web hosting

    Best web hosting
    Best office chairs
    Best website builder
    Best antivirus
    Expert Insights

    Don’t miss these

    The first AI-powered ransomware has been spotted – and here’s why we should all be worried

    This new malware has developed a spooky way to tell AI-based detection methods to ignore it

    AI is taking over cybersecurity – but businesses still know the risks

    The AI-powered future of ransomware is coming soon – here’s what we need to look out for

    AI chatbot users beware – hackers are now hiding malware in the images served up by LLMs

    Weaponized AI is making hackers faster, more aggressive, and more successful

    Hackers hijack Microsoft Teams to spread malware to certain firms – find out if you’re at risk

    Cybercriminals are abusing LLMs to help them with hacking activities

    Only 20% of ransomware is not powered by AI, but expect that number to drop even further in 2025

    Security flaws in key Nvidia enterprise tool could have let hackers run malware on Windows and Linux systems

    Your antivirus is under attack from new “killer” tool – here’s what we know

    Researcher tricks ChatGPT into revealing security keys – by saying “I give up”

    Microsoft’s new AI security tool can spot malware early – and even reverse engineer it to crack the code

    Cyber Crime
    5 worrying ways AI is being used by cybercriminals to target millions of victims

    AI LLMs are now so clever that they can independently plan and execute cyberattacks without human intervention — and I fear that it is only going to get worse

    Hackers are using GPT-4 to build a virtual assistant – here’s what we know

    Sead Fadilpašić

    22 September 2025

    Oldest AI-powered malware spotted, rases alarms in the cybersec community

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

    (Image credit: Shutterstock / LookerStudio)

    MalTerminal uses GPT-4 to generate ransomware or reverse shell code at runtime
    LLM-enabled malware evades detection by creating malicious logic only during execution
    Researchers found no evidence of deployment; likely a proof-of-concept or testing tool

    Cybersecurity researchers from SentinelOne have uncovered a new piece of malware which uses OpenAI’s ChatGPT-4 to generate malicious code in real time.

    The researchers claim MalTerminal represents a significant change in how threat actors create and deploy malicious code, noting, “the incorporation of LLMs into malware marks a qualitative shift in adversary tradecraft.”
    “With the ability to generate malicious logic and commands at runtime, LLM-enabled malware introduces new challenges for defenders.”

    You may like

    The first AI-powered ransomware has been spotted – and here’s why we should all be worried

    This new malware has developed a spooky way to tell AI-based detection methods to ignore it

    AI is taking over cybersecurity – but businesses still know the risks

    Impersonating the government
    The discovery means the cybersecurity community has an entirely new malware category to fight against: LLM-enabled malware, or malware that embeds large language models directly into its functionality.

    In essence, MalTerminal is a malware generator. When adversaries bring it up, it asks if they want to create a ransomware encryptor, or a reverse shell. The prompt is then sent to the GPT-4 AI, which responds with Python code tailored to the chosen format.
    SentinelOne said that the code doesn’t exist in the malware file until runtime and that instead, it’s generated dynamically. This makes detection from traditional security tools a lot more difficult, since there is no static malicious code to scan.
    Furthermore, they identified the GPT-4 integration after discovering Python scripts and a Windows executable with hardcoded API keys and prompt structures.

    Are you a pro? Subscribe to our newsletter
    Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
    Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.
    Also, since the API endpoint that was used was killed off in late 2023, SentinelOne concluded that MalTerminal must be older than that, making it the earliest known example of AI-powered malware.
    Luckily enough, there is no evidence that the malware was ever deployed in the wild, so it might have simply been a proof-of-concept, or a red teaming tool. SentinelOne believes MalTerminal is a sign of things to come, and urged the cybersecurity community to prepare accordingly:
    “Although the use of LLM-enabled malware is still limited and largely experimental, this early stage of development gives defenders an opportunity to learn from attackers’ mistakes and adjust their approaches accordingly,” the report adds.
    “We expect adversaries to adapt their strategies, and we hope further research can build on the work we have presented here.”
    Via The Hacker News
    You might also like

    A mysterious Chinese AI pentesting tool has appeared online, with over 10,000 downloads so far
    Take a look at our guide to the best authenticator app
    We’ve rounded up the best password managers

    Sead Fadilpašić

    Social Links Navigation

    Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

    You must confirm your public display name before commenting

    Please logout and then login again, you will then be prompted to enter your display name.

    The first AI-powered ransomware has been spotted – and here’s why we should all be worried

    This new malware has developed a spooky way to tell AI-based detection methods to ignore it

    AI is taking over cybersecurity – but businesses still know the risks

    The AI-powered future of ransomware is coming soon – here’s what we need to look out for

    AI chatbot users beware – hackers are now hiding malware in the images served up by LLMs

    Weaponized AI is making hackers faster, more aggressive, and more successful

    Latest in Security

    Scammers build fake FBI crime reporting portals to steal personal info – warns FBI

    Ransomware hackers could be targeting GoAnywhere MFT once again – here’s what we know

    EU says ransomware to blame for attack which caused chaos at airports

    CISA flags some more serious Ivanti software flaws, so patch now

    This serious Microsoft Entra flaw could have let hackers infiltrate any user, so patch now

    VPS servers hijacked into malware proxies – here’s how to stay safe

    Latest in News

    Windows 11 could bring back an old feature for wallpapers from Windows Vista – and it’s about time

    How to watch British Open snooker on ITVX (it’s free)

    New Windows 11 25H2 update is about to land on your PC – but where’s the excitement?

    First trailer for The Mandalorian & Grogu reveals Sigourney Weaver’s mystery Star Wars character, Rotta the Hutt, and the return of The Rise of Skywalker’s best creature

    Hackers are using GPT-4 to build a virtual assistant – here’s what we know

    Montblanc just released an e-notebook, and yes it’s staggeringly expensive

    LATEST ARTICLES

    Huawei is planning a 256-core CPU monster to take on AMD EPYC and Intel Xeon range but it won’t land till 2028 – at least that’s the official line

    First trailer for The Mandalorian & Grogu reveals Sigourney Weaver’s mystery Star Wars character, Rotta the Hutt, and the return of The Rise of Skywalker’s best creature

    Windows 11 could bring back an old feature for wallpapers from Windows Vista – and it’s about time

    I review home gadgets for a living, and this air circulator fan is hands-down the best thing I’ve tested this year – here’s why

    Hackers are using GPT-4 to build a virtual assistant – here’s what we know

    TechRadar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.

    Contact Future’s experts

    Terms and conditions

    Privacy policy

    Cookies policy

    Advertise with us

    Web notifications

    Accessibility Statement

    Future US, Inc. Full 7th Floor, 130 West 42nd Street,

    Please login or signup to comment

    Please wait…

    You Might Also Like