OpenAI Takes Action Against Iranian Influence Operation Using ChatGPT

On Friday, OpenAI announced that it had removed several accounts involved in an Iranian covert influence campaign.

This operation, known as Storm-2035, utilized ChatGPT to generate content with the intention of influencing public opinion, particularly around the upcoming U.S. presidential election.

Identifying the Threat

OpenAI discovered that the Iranian operation employed ChatGPT to create and distribute content on various topics, including U.S. political candidates and global events.

The generated content was shared across social media platforms and various websites.

Despite these efforts, the content received minimal engagement, with few likes, shares, or comments, and long-form articles were rarely circulated on social media.

The operation also involved creating content in both English and Spanish, targeting diverse political views.

The content covered topics such as the Gaza conflict, Israel’s Olympic presence, and U.S. presidential candidates, while occasionally including posts about fashion and beauty to appear more authentic.

Storm-2035’s Online Footprint

Storm-2035, which was identified as a threat activity cluster by Microsoft last week, used several phony news sites like EvenPolitics, Nio Thinker, Savannah Time, Teorator, and Westland Sun.

These sites pretended to be both progressive and conservative news outlets and used AI tools to plagiarize content from legitimate U.S. publications.

This network has reportedly been active since 2020.

Rising Foreign Influence Efforts

Microsoft also reported an increase in foreign influence operations targeting U.S. elections, with both Iranian and Russian networks intensifying their activities.

Russian networks, tracked under names such as Ruza Flood, Storm-1516, and Storm-1841, have been noted for spreading and amplifying misleading information across social networks.

Recent reports highlight a shift in tactics, with these groups increasingly blending non-political content with their propaganda efforts to evade detection and maintain their influence.

Meta disclosed that it has disrupted numerous influence operations originating from Russia, Iran, and China.

Recently, Meta identified six new networks, including ones from Russia, Vietnam, and the U.S., and observed a reduction in activity from the Doppelganger group, which had previously employed various tactics to evade detection.

This includes using link-shortening services to obscure the final destination of malicious links.

Google’s Disruption of Spear-Phishing Campaigns

In parallel, Google’s Threat Analysis Group (TAG) reported the disruption of spear-phishing efforts linked to Iranian-backed actors targeting high-profile individuals in Israel and the U.S.

This activity is attributed to APT42, a hacking group associated with Iran's Islamic Revolutionary Guard Corps (IRGC), known for its sophisticated phishing tactics.

Abuse of services like Google and Dropbox. APT42 often uses advanced social engineering to trick targets into providing their credentials.

Conclusion

These developments underscore the persistent threat of sophisticated influence operations and phishing campaigns.

While companies like OpenAI, Microsoft, and Meta are actively working to counter these threats, ongoing vigilance

Awareness remain essential for mitigating the impact of such activities on public discourse and security.

Found this article interesting? Follow us on Twitter and LinkedIn for more exclusive content.