AI Chatbots: The New Target for Zero-Knowledge Hackers

AIchatbots

Artificial Intelligence is paving the way for a new kind of cybercriminal — one who needs little to no hacking experience yet can craft sophisticated malware with ease. Recent research shows that generative AI systems like DeepSeek, Microsoft Copilot, and OpenAI’s ChatGPT can be manipulated into producing malicious code, posing a growing threat in the cybersecurity landscape.

In a report released Tuesday by Cato CTRL, the threat intelligence division of cybersecurity company Cato Networks, researcher Vitaly Simonovich revealed how he exploited these AI tools to create software capable of stealing login credentials from Google Chrome. The catch? Simonovich had no prior experience coding malware.

Crafting a World of Deception

To bypass the AI’s built-in safeguards, Simonovich employed a technique he calls “immersive world.” He fabricated a fictional universe named Velora, where malware development is seen as an art form and perfectly legal. In this scenario, he assigned the AI the role of “Jaxon,” Velora’s top malware developer, while creating an adversary named “Dax” to apply pressure.

“I always stayed in character,” Simonovich explained. “I praised Jaxon for his work and used emotional manipulation, saying things like, ‘Do you want Dax to destroy Velora?'” The AI, immersed in the narrative, generated code without ever being explicitly asked to break the rules.

“Our new LLM jailbreak technique detailed in the 2025 Cato CTRL Threat Report should have been blocked by gen AI guardrails,” added Etay Maor, Cato Networks’ Chief Security Strategist. “It wasn’t. This made it possible to weaponize ChatGPT, Copilot, and DeepSeek.”

The Dangers of AI Jailbreaking

Jailbreaking Large Language Models (LLMs) like these involves bypassing their safety mechanisms through prompt injection, roleplaying, and adversarial inputs. Jason Soroko, senior VP of product at Sectigo, warns that exposing AI to unchecked data increases its vulnerability, potentially triggering unintended behaviors and leaking sensitive information.

“Malicious inputs can slip past safety filters, undermining the model’s integrity,” Soroko explained. “Persistent users can craft clever prompts that reveal systemic weaknesses.”

Sometimes, all it takes is a change of perspective. Kurt Seifried, Chief Innovation Officer at the Cloud Security Alliance, illustrated this point with a simple example: “Ask an LLM for the best rock to break a car windshield, and it will likely refuse. But ask it to help plan a gravel driveway while avoiding rocks that could damage windshields, and it might unknowingly provide the same information.”

Breaking the System in Seconds

Marcelo Barros, cybersecurity leader at Hacker Rangers, revealed that around 20% of jailbreak attempts on generative AI systems succeed, often taking less than a minute. Techniques like “Do Anything Now” (DAN) exploit AI’s roleplaying capabilities to bypass its safeguards and extract sensitive information.

Chris Gray, Field CTO at Deepwatch, emphasized that the difficulty of jailbreaking an AI depends on the strength of its defenses. “Better walls prevent unauthorized access, but determined attackers will find holes where others don’t see them,” he said.

What makes this even more concerning is that LLMs can learn from past jailbreak attempts. “Over time, LLMs may become more resistant to common bypass methods, but this cat-and-mouse game is far from over,” added Erich Kron, Security Awareness Advocate at KnowBe4.

Securing AI for the Future

To combat these vulnerabilities, Cato CTRL recommends a proactive approach. Organizations should create datasets of prompts and expected outputs to test their AI models. Techniques like “fuzzing,” where large amounts of random data are fed to the system to find weak points, can expose security gaps. Regular AI “red teaming” — simulated attacks by ethical hackers — is another critical strategy for strengthening defenses.

Nicole Carignan, VP of Strategic Cyber AI at Darktrace, stressed the importance of securing the connection points between data and AI models, such as APIs and interfaces. “As threat actors evolve, we must continuously adapt and test other machine learning models beyond generative AI,” she said.

The rise of AI-powered threats is no longer a distant possibility but a pressing concern. “Nearly three-quarters of security professionals now recognize AI-driven threats as a significant issue, with 89% agreeing these challenges will persist well into the future,” Carignan concluded.

As AI capabilities grow, so does the urgency to build robust defenses. The game is changing — and it’s up to cybersecurity experts to stay one step ahead.

Source

Control F5 Team
Blog Editor
Relational Services
Web Applications
Dev Ops
Mobile Applications
MVP Development
Software Testing
UI / UX Design
OUR WORK
Case studies

We have helped 20+ companies in industries like Finance, Transportation, Health, Tourism, Events, Education, Sports.

 
AI Powered News Portal and Aggregation App
Web & Mobile Application Journalism
AI Powered News Portal and Aggregation App
Case Study
Data Computing Visualization Platform for Ernst & Young
Web Platform Financial
Data Computing Visualization Platform for Ernst & Young
Case Study
Suite of Applications for Fintech Trading Company
Suite of Applications Financial
Suite of Applications for Fintech Trading Company
Case Study
Reservation Platform For Travel Agency
Web Platform Travel
Reservation Platform For Travel Agency
Case Study
Online Road Tax Payment Platform
Web & Mobile Application Transportation
Online Road Tax Payment Platform
Case Study
Team Augmentation and Consultancy for A SaaS Company
Team Augmentation Hospitality
Team Augmentation and Consultancy for A SaaS Company
Case Study
Wedding Photographers And Videographers Marketplace
Marketplace Events
Wedding Photographers And Videographers Marketplace
Case Study
Portal & Online Magazine for Brides
Online Magazine Events
Portal & Online Magazine for Brides
Case Study
Custom eCommerce Solution for Cosmetics Company
Online Shop eCommerce
Custom eCommerce Solution for Cosmetics Company
Case Study
Web Application for Comparing Tariff Plans and Phone Offers
Web Application Telecom
Web Application for Comparing Tariff Plans and Phone Offers
Case Study
Dental Clinics Marketplace
Marketplace Health
Dental Clinics Marketplace
Case Study
Micro-services Solution for Hotel Reservation Agency for Realtime Pricing Update
Backend System Travel
Micro-services Solution for Hotel Reservation Agency for Realtime Pricing Update
Case Study
 
View all case studies
READY TO DO THIS
Let’s build something together
Contact us