Yapay Zeka Ararken Dikkat

 AI Ararken RedLine Yüklemeyin

OpenAI ChatGPT ve Midjourney gibi generatif AI hizmetleri için kötü niyetli Google Arama reklamları, RedLine Stealer kötü amaçlı yazılımını dağıtmak amacıyla kullanılıyor.

eSentire analizine göre, "Her iki AI hizmeti de son derece popüler olmasına rağmen bağımsız uygulamalara sahip değillerdir (yani kullanıcılar ChatGPT'ye web arayüzü üzerinden erişirken Midjourney Discord'u kullanır)," dedi.

"Tehdit aktörleri, sahte uygulamaları tanıtan sahte web sayfalarını tanıtan AI uygulama arayıcılardan yararlanmışlardır."

BATLOADER, kullanıcıların arama motorlarında belirli anahtar kelimeler aradıklarında sahte reklamların görüntülendiği ve tıkladıklarında kötü amaçlı yazılım barındıran yanıltıcı indirme sayfalarına yönlendirildikleri drive-by indirmeleri aracılığıyla yayılan bir yükleyici kötü amaçlı yazılımdır.

 

eSentire'a göre, kurulum dosyası, ChatGPT.exe veya midjourney.exe adlı bir yürütülebilir dosya ve Chat.ps1 veya Chat-Ready.ps1 adlı bir PowerShell komut dosyası içerir ve uzaktaki bir sunucudan RedLine Stealer'ı indirir ve yükler.

 

Kurulum tamamlandığında, ikili dosya Microsoft Edge WebView2'yi kullanarak chat.openai[.]com veya www.midjourney[.]com - yasal ChatGPT ve Midjourney URL'leri - pop-up penceresinde yükleyerek herhangi bir şüphe uyandırmadan açar.

Düşmanın, kötücül reklamlar sunmak ve sonuçta RedLine Stealer kötü amaçlı yazılımını bırakmak için ChatGPT ve Midjourney temalı tuzağı kullandığı da geçen hafta Trend Micro tarafından vurgulandı. Yapay Zeka Araçları BATLOADER'ın arkasındaki operatörlerin kötü amaçlı yazılım dağıtmak için yapay zeka çılgınlığından yararlandığı ilk kez değil. Mart 2023'te, eSentire benzer bir dizi saldırıyı ayrıntılı bir şekilde açıkladı, bu saldırılar Vidar Stealer ve Ursnif'i dağıtmak için ChatGPT tuzağından yararlandı.

Cybersecurity şirketi ayrıca Google Arama reklamlarının kötüye kullanımının 2023 başlarındaki zirveden düştüğünü belirtti, bu da teknoloji devinin bu tür kötüye kullanımları sınırlamak için aktif önlemler aldığını gösteriyor.

Bu gelişme, tehdit aktörlerinin kötü amaçlı yazılım ve diğer sahte uygulamaları dağıtmak için bu yapay zeka araçlarının artan kullanımından yararlanmaya çalıştığı daha geniş bir dolandırıcılık ve sahtekarlık kampanyası dalgasıyla uyumlu.

Güvenlik sağlayıcısı Sophos, ilgili bir araştırmada, Google Play ve Apple App Store'da ChatGPT ile ilişkili bir dizi fleeceware uygulamasını - toplu olarak FleeceGPT olarak adlandırılan - kullanıcıları istenmeyen aboneliklere zorladı.

Sophos araştırmacıları Jagadeesh Chandraiah ve Sean Gallagher, "Fleeceware uygulamaları, Apple ve Google hizmet şartlarının sınırlarında kalmak üzere tasarlandığı ve özel bilgilere erişmediği veya platform güvenliğini aşmayı denemediği için nadiren gözden geçirmede reddedilir ve uygulama mağazalarına alınır," dedi.

Son haftalarda, Meta ve Palo Alto Networks Unit 42, kullanıcıların kredi kartı bilgilerini toplamak, kredi kartı dolandırıcılığı yapmak ve kurbanların Facebook hesap bilgilerini çalan taklit ChatGPT hizmetine benzeyen sahtekarlık faaliyetlerinde artış olduğu konusunda uyarıda bulundu.

 

Looking for AI

 

While you are Looking for AI Watch Out for RedLine Malware

Malicious Google Search ads for generative AI services like OpenAI ChatGPT and Midjourney are being used to direct users to sketchy websites as part of a BATLOADER campaign designed to deliver RedLine Stealer malware.

"Both AI services are extremely popular but lack first-party standalone apps (i.e., users interface with ChatGPT via their web interface while Midjourney uses Discord)," eSentire said in an analysis.

"This vacuum has been exploited by threat actors looking to drive AI app-seekers to imposter web pages promoting fake apps."

BATLOADER is a loader malware that's propagated via drive-by downloads where users searching for certain keywords on search engines are displayed bogus ads that, when clicked, redirect them to rogue landing pages hosting malware.

The installer file, per eSentire, is rigged with an executable file (ChatGPT.exe or midjourney.exe) and a PowerShell script (Chat.ps1 or Chat-Ready.ps1) that downloads and loads RedLine Stealer from a remote server.

Once the installation is complete, the binary makes use of Microsoft Edge WebView2 to load chat.openai[.]com or www.midjourney[.]com – the legitimate ChatGPT and Midjourney URLs – in a pop-up window so as to not raise any red flags.

The adversary's use of ChatGPT and Midjourney-themed lures to serve malicious ads and ultimately drop the RedLine Stealer malware was also highlighted last week by Trend Micro.

This is not the first time the operators behind BATLOADER have capitalized on the AI craze to distribute malware. In March 2023, eSentire detailed a similar set of attacks that leveraged ChatGPT lures to deploy Vidar Stealer and Ursnif.

The cybersecurity company further pointed out the abuse of Google Search ads has fallen off from their early 2023 peak, suggesting that the tech giant is taking active steps to curtail its exploitation.

The development aligns with a broader wave of phishing and scam campaigns, wherein threat actors are attempting to cash in on the surging use of these AI tools to distribute malware and other bogus apps.

Security vendor Sophos, in a related research, outlined a set of ChatGPT-related fleeceware apps in the Google Play and Apple App Store — collectively dubbed FleeceGPT – that coerce users into signing up for unwanted subscriptions.

"Because fleeceware applications are designed to stay on the edge of Apple and Google terms of service and do not access private information or attempt to circumvent platform security, they are rarely rejected during review and are allowed into the app stores," Sophos researchers Jagadeesh Chandraiah and Sean Gallagher said.

In recent weeks, both Meta and Palo Alto Networks Unit 42 have warned of increasing fraudulent activity mimicking the ChatGPT service to harvest users' credit card details, perpetrate credit card fraud, and copycat chatbot browser extensions that steal victims' Facebook account details.

Between November 2022 through early April 2023, Unit 42 said it detected a 910% increase in monthly registrations for domains related to ChatGPT.

The findings come weeks after Securonix uncovered a phishing campaign dubbed OCX#HARVESTER that targeted the cryptocurrency sector between December 2022 and March 2023 with More_eggs (aka Golden Chickens), a JavaScript downloader that's used to serve additional payloads.

 OpenAI ChatGPT vs. Google Bard 

 

  v.s.  

In the comparison made by asking the same physics questions to OpenAI ChatGPT and Google Bard, it was observed that Google Bard is very fast (~3 sec) but its results are especially incorrect for numerically solved questions. Particularly, OpenAI's ChatGPT is quite slow (~140 sec), especially in numerical and even vector solutions, but it can mostly produce correct results, although in some questions, it was observed that it gives incorrect results, especially in the final step calculations. It has the ability to produce vector solutions for vector questions and can provide the result in vector format, using unit vectors if desired. However, it should be noted that the proper and mathematical definition of the problem (exponential expressions, logarithmic expressions, dot and vector products, etc.) is crucial for producing the correct result, which has been observed in different problem-solving scenarios.

However, it has not been possible to make a comparison in terms of text and translation topics because Google Bard states, "As an LLM, I have been trained to understand and respond only to a subset of languages, and I cannot assist with this. Please refer to the Bard Help Center for an up-to-date list of supported languages."

Google wants user feedback about Bard

“Bard is experimental, and some of the responses may be inaccurate,” Google pointed out. The team at Google even poked fun at some of Bard’s suggestions in its own announcement post.

Google also emphasized privacy. The version of Bard that was available through the wait list couldn’t answer questions about what happened earlier in a conversation between itself and a human, for example. According to the Bard FAQ, Google purposely limited Bard’s “ability to hold context.” Google is asking for users to send feedback on Bard’s responses.

In an internal email viewed by CNBC, Google and Alphabet CEO Sundar Pichai told employees, “Things will go wrong. But the user feedback is critical to improving the product and the underlying technology.”

Google is competing with Microsoft and OpenAI

Google Bard’s big name competitor is OpenAI’s ChatGPT. So far, ChatGPT has the advantage of already being able to write basic code, expanding its enterprise applications significantly.

Microsoft’s Bing search uses OpenAI’s GPT-4, the large multimodal model on which ChatGPT is built. ChatGPT is currently available with a subscription to OpenAI’s ChatGPT Plus.

Startup Anthropic, which has gained funding from Google, has its own AI assistant, Claude. Anthropic is playing in the search engine space with a partnership with DuckDuckGo while using Google as a cloud provider.

What tech leaders should consider before using AI

Chat assistance made with large language model AI have faced criticism for returning answers that are easily parsed but factually incorrect. There are also some concerns about the job training AI requires outweighing the productivity benefits, or AI content replacing human-made work and, therefore, limiting numbers of available jobs. Business leaders should take into account whether generative AI is appropriate for their workplace culture as well as whether it improves productivity.

 

 

OpenAI ChatGPT ile Google Bard Karşılaştırması

  v.s.  

Aynı fizik sorularını sorarak yapılan OpenAI ChatGPT ile Google Bard karşılaştırmasında  Google Bard'ın çok hızlı (3 sn) ve ürettiği sonuçların özelikle sayısal çözümlü sorular için yanlış olduğunu görüldü. Özellikle OpenAI'ın ChatGPT si özellikle sayısal çözüm ve hatta vectörel çözümlerde bile oldukça yavaş (~140 sn) fakat sonuçta çoğunlukla doğru sonuç varebilmesine rağmen bazı sorularda ise özellikle son adım işlemlerin sonucu yanlı verdiği gözlendi. Vektör sorularına vektör olarak çözüme ulaşmakta ve sonucu da gene vektör formunda ve istenirse de birim vectörleri kullanarak ve vektör formatında da yazarak verebilmektedir. Ancak unutulmaması gereken sorunun tam anlamıyla ve matematiksel olarak ta tam olarak tanımlanması (üst ifadeleri, logaritmik ifadeler, dot ve cevtör çarpımlar vb) sonucun doğru olarak üretilmesinde çok önemli olduğu değişik problem çözümlerinde gözlenmiştir.

Ayanı metin ile tercüme konularında  ise karşılaştırmak ise mümkün olmamıştır, çünkü GoogleBard "Bir LLM olarak, şu anda dillerin yalnızca bir alt kümesini anlamak ve bunlara yanıt vermek üzere eğitildim ve bu konuda yardım sağlayamıyorum. Desteklenen dillerin güncel bir listesi için lütfen Bard Yardım Merkezi'ne bakın." uyarısı vererek tercüme yapamamakta.

Google, Bard hakkında kullanıcı geri bildirimi istiyor

"Google, Bard'ın deneysel olduğunu ve bazı yanıtların yanlış olabileceğini belirtti. Google ekibi, hatta kendi duyuru gönderisinde Bard'ın bazı önerileriyle alay etti.

Google ayrıca gizliliğe önem veriyor. Bekleme listesi aracılığıyla erişilebilen Bard sürümü, örneğin kendisi ve bir insan arasındaki bir konuşmanın daha önce ne olduğuyla ilgili sorulara cevap veremiyordu. Bard SSS'ye göre, Google bilinçli olarak Bard'ın "bağlamı sürdürme yeteneğini" sınırlamıştır. Google, kullanıcılardan Bard'ın yanıtları hakkında geri bildirim göndermelerini istiyor.

CNBC tarafından görülen bir iç e-postada, Google ve Alphabet CEO'su Sundar Pichai, çalışanlara, "İşler yanlış gidecek. Ancak kullanıcı geri bildirimi, ürünü ve temel teknolojiyi geliştirmek için kritiktir." dedi. Google, Microsoft ve OpenAI ile rekabet ediyor

Google Bard'ın büyük rakibi, OpenAI'nin ChatGPT'sidir. Şu ana kadar, ChatGPT'nin temel programlama yazabilme avantajı vardır ve iş uygulamalarını önemli ölçüde genişletir.

Microsoft'un Bing arama motoru, ChatGPT'nin temelini oluşturan büyük çoklu model olan OpenAI'nin GPT-4'ünü kullanıyor. ChatGPT şu anda OpenAI'nin ChatGPT Plus aboneliği ile kullanılabilir.

Google'dan fon alan bir girişim olan Anthropic'ın kendi yapay zeka asistanı Claude'u bulunmaktadır. Anthropic, Google'ı bir bulut sağlayıcı olarak kullanırken, DuckDuckGo ile bir arama motoru alanında ortaklık yapmaktadır. Teknoloji 

liderlerinin AI kullanmadan önce düşünmesi gerekenler

Büyük dil modeli yapay zeka ile oluşturulan sohbet asistanları, kolayca ayrıştırılabilen ancak gerçekleri yanlış döndüren yanıtlarla eleştirilmiştir. Ayrıca, AI'nın gerektirdiği iş eğitiminin üretkenlik faydalarını aşma endişeleri ve AI içeriğinin insan yapımı çalışmayı değiştirmesi ve böylece mevcut iş sayısını sınırlaması konusunda bazı endişeler vardır. İş liderleri, generatif AI'nın iş yeri kültürü için uygun olup olmadığını ve üretkenliği artırıp artırmadığını dikkate almalıdır."

 

Giving Secure Online Examinations, Quizzes in the World of Artificial Intelligence and Chat BOTs

 To prevent cheating in online exams, it would be useful to first review how students cheat.

The following are some common ways of cheating in online exams:

• Unreasobale or unlimited Exam duration: Not setting a proper exam duration (start, end, and exam duration settings) can be a problem, even if start and end times are defined in some institutions, as defining an excessively long exam time or an exam that lasts from morning until evening is an invitation and even encouragement to cheat. In addition, the rights of other students who take the same or similar courses are also violated. The solution is to define a realistic and fair exam duration, just like in face-to-face exams, without forgetting the concepts of justice and fairness.
• Communication groups: Instant sharing of the answers of the solved questions by setting up communication groups can only solve cheating on random questions or questions that are diversified with different values.
• Sending exam questions to online sites and receiving the answers of the questions by sending them back. This type of cheating can only be solved by sequential questions and preventing the viewing and returning of the question. Also, a fair and reasonable exam duration setting is necessary.
• Opening a new tab/window or browser next to the internet browser page during the exam and searching for the solutions of the questions on electronic environments on the internet or sending emails to previously agreed persons to solve the question. This possibility can be prevented by setting the exam system's internet browser to kiosk mode through the Secure Browser setting.
• Same questions and answers for everyone. In this case, sharing the questions and answer choices directly through communication groups is possible. The solution is to have random questions and answer choices for each student.
• Unlimited Examination Entrance: One or more students who do not expect anything from the course, drop the course, or know for sure that they will fail, entering the exam first and sharing the questions one by one in groups, creating a copy question and answer pool, and then all other students entering the system and marking only the questions and their relevant correct answers. This possibility of cheating can be reduced by limiting the entry time to the exam.
• Use of open artificial intelligence programs/applications that are available to everyone online or in the form of an application.

After summarizing the most common cheating methods in online exams, the following techniques can be used to minimize these possibilities:

• The priority is to create a well-planned question pool entirely composed of new questions that are different every year and every term. 
• In this context, one of the things to do is to create a question pool for each section separately, which is quite diverse, even classified according to difficulty levels, and which produces different results by giving different numerical values ​​to the same difficulty and question set to create an exam pool. Thus, even if similar questions come to students who know each other, communicate, or even sit next to each other, the results will be different because the numerical values ​​of the numbers will be different. Even if they come as similar questions from random questions, at least copying in the first stage will be prevented because the numerical values ​​will be different. 
• It is essential to set questions as random and as a single question on each page.
• One of the things to be done is to make sure that the start, end, and duration settings of the exam are made, and the student finishes the exam at the end of the specified time for solving the questions. Once the time settings mentioned are made, the remaining time on the system will be displayed continuously, and the exam will be automatically saved and closed at the end of the time. 
• One of the ways to prevent cheating, especially in online exams, is to ensure that the questions appear sequentially, not free, one after the other, and only forward, and to prevent going back to previous questions. That is, it is to prevent students from copying the questions, sharing them with someone else, or finding the correct answers somewhere, and then returning to answer them. 
• Another way is to ensure that the questions and answer options are selected randomly during the exam. Thus, the possibility of similar or the same questions coming to close students who know each other, form a group or communicate is reduced, preventing copying. 
• Preventing students from opening another application in the background during the exam is another way to prevent cheating. This method, which can be used as a way to prevent students from searching for solutions to questions in another environment by connecting to the internet, is to take the exam in a Secure/Protected Browser mode. That is, the browser that is opened will be in kiosk mode and cover the entire screen, allowing the student to use only the question screen, preventing another browser or tab from being opened. 
  
• Ensuring that students enter the exam only in the allowed time at the beginning of the eaxmination, in the first 10 or 15-mins., depending on the situation, and preventing them from entering the exam in the following minutes is a way to prevent cheating. Thus, as soon as the exam starts, all students will enter the exam, and their time will begin. 
• Another method is to use some special software, sign online course registration requirements and rules for students at the beginning of the term, and install software that does not allow other connections and background applications in their PC/Table/Smartphone during exams. However, there may be cost and hesitation both at the institutional and student level.
• During the exam, monitoring and controlling the student and their surroundings through multiple cameras is another way of supervision. However, this method will require multiple supervisors to control multiple cameras during the exam, leading to institutional and student-level costs and concerns (such as monitoring personal environments).

• To prevent the use of open-access artificial intelligence programs online or through applications, questions should be prepared in image format rather than direct text format. Here, questions should be presented as an image with only the question text in text format or even the entire question in image format, with other necessary information provided in a suitable manner for solving the question. This may not be possible for every question, in which case the question should be created using complex watermark patterns or other designs and must be submitted in image format. As current artificial intelligence applications still use version 3.0 or 3.5, they cannot yet accept image or voice inputs. However, in the future, with version 4.0 or 5.0, using different designs in the background (like CAPTCHA) for image-format questions and submitting questions to the system in this way should be considered as a way to minimize cheating.

  Finally, it may not be possible to apply all of these methods simultaneously, but combining appropriate ones will be the most intelligent approach.