OpenAI Bans ChatGPT Accounts Linked to Nation-State Threat Actors - Dark Reading

THREAT INTELLIGENCE CYBERATTACKS & DATA BREACHES CYBERSECURITY ANALYTICS VULNERABILITIES & THREATS NEWS OpenAI Bans ChatGPT Accounts Linked to Nation-State Threat Actors The AI company's investigative team found that many accounts were using the program to engage in malicious activity around the world, such as employment schemes, social engineering, and cyber espionage. Kristina Beek,Associate Editor,Dark Reading June 9, 2025 2 Min Read SOURCE: MUNDISSIMA VIA ALAMY STOCK PHOTO NEWS BRIEF OpenAI banned ChatGPT accounts operated by state-backed actors from countries like Russia and China. The accounts were being used to assist with malware development, social media automation, research about US satellite communications technologies, and more, according to OpenAI's report.  In the past three months, OpenAI's investigative teams were able to detect and disrupt abusive activity such as social engineering, cyber espionage, deceptive employment schemes, cover influence operations, and scams. The company said it used AI technology as a "force multiplier" in the investigations. Much of this activity (four out of 10 cases) appeared to originate from China, but activity from Cambodia, the Philippines, Iran, and Russia were also detected. The tech giant said that it banned dozens of China-based accounts it found using ChatGPT to bulk generate social media posts revolving around topics like the shutdown of USAID, divisive US political discourse, and other topics. ChatGPT accounts in Cambodia were found generating short recruitment-style messages in an assortment of languages including English, Spanish, and Swahili. In North Korea, accounts were using ChatGPT to research technical tools that could be used to evade security measures and maintain an undetected remote presence. North Korean threat actors were also banned after trying to use ChatGPT to perform work tasks and operate hardware in IT worker schemes. And in Russia, hackers were using ChatGPT to develop Windows malware, debug code, and create command-and-control infrastructure. OpenAI has attributed some of the activity to hacking groups like APT5 and APT15, which are threat groups tied to the Chinese government. In detailing its executive mission, OpenAI said it believes in ensuring that AI benefits the most people possible through common-sense rules that protect people from harm. "This includes preventing the use of AI tools by authoritarian regimes to amass power and control their citizens, or to threaten or coerce other states; as well as activities such as covert influence operations (IO), child exploitation, scams, spam, and malicious cyber activity," said OpenAI. "It also includes using AI to defend against such abuses." Read more about: News Briefs About the Author Kristina Beek Associate Editor, Dark Reading Kristina Beek is an associate editor at Dark Reading, where she covers a wide range of cybersecurity topics and spearheads video-related content. She is the creator and host of the Heard It From a CISO video series, where she interviews CISOs, directors, and other industry strategists to provide insights into the ever-evolving cybersecurity landscape. In addition to her editorial work, Kristina manages Dark Reading's social media channels and contributes to the platform's video coverage. Kristina graduated from North Carolina State University in 2021 with a degree in Political Science, concentrating in law and justice, and a minor in English. During her time at NC State, she honed her writing skills by contributing opinion pieces to the university's newspaper. After graduation, she began her career as a content editor before joining Dark Reading. Currently based in Washington, DC, you can find Kristina reading, taking walks in Georgetown, and wandering the museums surrounding the National Mall. Want more Dark Reading stories in your Google search results? ADD US NOW More Insights Industry Reports How Enterprises Are Developing Secure Applications How Enterprises Are Harnessing Emerging Technologies in Cybersecurity Ditch the Data Center: Understanding Flexible Cloud Infrastructure Security Management 2025 State of Malware Sysdig 2025 Cloud-Native Security and Usage Report Access More Research Webinars How Well Can You See What's in Your Cloud? Implementing CTEM: Beyond Vulnerability Management Defending Against AI-Powered Attacks: The Evolution of Adversarial Machine Learning Tips for Managing Cloud Security in a Hybrid Environment? Zero Trust Architecture for Cloud environments: Implementation Roadmap More Webinars You May Also Like THREAT INTELLIGENCE Hackers Target Cybersecurity Firm Outpost24 in 7-Stage Phish by Jai Vijayan MAR 17, 2026 THREAT INTELLIGENCE Iran's Cyber-Kinetic War Doctrine Takes Shape by Alexander Culafi MAR 06, 2026 THREAT INTELLIGENCE React2Shell Exploits Flood the Internet as Attacks Continue by Rob Wright DEC 12, 2025 THREAT INTELLIGENCE Chinese Gov't Fronts Trick the West to Obtain Cyber Tech by Nate Nelson, Contributing Writer OCT 06, 2025 Editor's Choice CYBER RISK Physical Cargo Theft Gets a Boost From Cybercriminals byRobert Lemos MAY 4, 2026 5 MIN READ CYBER RISK NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later byDark Reading Editorial Team APR 28, 2026 IDENTITY & ACCESS MANAGEMENT SECURITY Oracle Red Bull Racing Team Revs Up Automation to Boost Security byArielle Waldman APR 30, 2026 5 MIN READ Want more Dark Reading stories in your Google search results? Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. SUBSCRIBE Webinars How Well Can You See What's in Your Cloud? THURS, JUNE 4, 2026 AT 1:00PM EST Implementing CTEM: Beyond Vulnerability Management THURS, MAY 21, 2026 AT 1PM EST Defending Against AI-Powered Attacks: The Evolution of Adversarial Machine Learning MON, MAY 11, 2026 AT 1:00PM ET Tips for Managing Cloud Security in a Hybrid Environment? THURS, MAY 7, 2026 AT 1PM EST Zero Trust Architecture for Cloud environments: Implementation Roadmap TUES, MAY 12, 2026 AT 1PM EST More Webinars BLACK HAT ASIA | MARINA BAY SANDS, SINGAPORE Experience cutting-edge cybersecurity insights in this four-day event. Use code DARKREADING for a Free Business Pass or $200 off a Briefings Pass. GET YOUR PASS