OpenAI Bans Suspected Chinese Accounts Using ChatGPT for Surveillance and Cyber Operations
OpenAI has taken action to ban several ChatGPT accounts believed to be linked to Chinese government entities and cybercriminal groups attempting to leverage AI for surveillance and cyber operations. According to OpenAI’s latest threat report, these accounts were primarily using ChatGPT to enhance existing cyber capabilities rather than inventing entirely new attack methods.
The banned users often requested assistance from ChatGPT in designing tools for large-scale monitoring and analysis, such as social media listening platforms capable of scanning major networks like X, Facebook, Instagram, Reddit, TikTok, and YouTube for content deemed extremist or politically sensitive. In one notable case, a user suspected of operating from China via VPN asked ChatGPT to help create promotional materials and project plans for a surveillance tool, allegedly for a government client, though OpenAI could not confirm if the tool was ultimately deployed. Other banned accounts sought to use ChatGPT to identify funding sources for social media accounts critical of the Chinese government and to uncover petition organizers in Mongolia, but the AI only provided publicly available information and did not reveal sensitive data.
OpenAI’s report highlights that these activities are indicative of how authoritarian regimes might seek to abuse AI capabilities in the future, even if current attempts remain limited in scope. The threat report also notes that most adversarial AI use cases involve automating and scaling traditional hacking tasks, such as malware development, command-and-control infrastructure, spearphishing, and reconnaissance, rather than creating novel attack vectors. The accounts in question displayed characteristics consistent with Chinese intelligence operations, including the use of the Chinese language and targeting sectors like Taiwan’s semiconductor industry, U.S. academia, think tanks, and organizations critical of the Chinese government.
Technical overlaps were observed between these accounts and a known Chinese cyber espionage group, suggesting a coordinated effort. OpenAI’s intelligence team, including principal investigator Ben Nimmo, emphasized that while the AI models were not directly used to conduct surveillance, the planning and documentation support provided by ChatGPT could facilitate future operations. The company’s proactive monitoring and banning of these accounts underscore the growing concern over the misuse of generative AI by state actors and cybercriminals.
OpenAI’s findings provide valuable insights into the evolving tactics of threat actors who are increasingly integrating AI into their existing cyber workflows. The report also raises questions about the potential for more sophisticated abuses of AI as the technology matures. OpenAI’s actions reflect a broader industry trend of AI providers taking steps to detect and disrupt malicious use of their platforms. The company continues to monitor for similar activities and collaborates with other stakeholders to mitigate risks associated with adversarial AI. These developments highlight the importance of vigilance and cross-sector cooperation in addressing the security challenges posed by generative AI technologies.

How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
OpenAI says threat actors use AI to improve existing operations
In reporting on the disruption, OpenAI said malicious actors were using its tools mainly to become more efficient at established tactics rather than to create fundamentally new malware or tradecraft. The company characterized AI as an amplifier for phishing, social engineering, research, and operational planning.
OpenAI disrupts accounts tied to Russian, North Korean, and Chinese abuse
OpenAI identified and banned accounts it said were linked to Russian, North Korean, and Chinese threat activity, including use of ChatGPT to support cyberattacks, scams, and surveillance-related planning. The action was described across reports as a disruption of coordinated misuse of its AI services.
Sources
AI tools boost hackers' old tactics, says OpenAI
scworld.com
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks
thehackernews.com
OpenAI bans suspected Chinese accounts using ChatGPT to plan surveillance
go.theregister.com
OpenAI: Threat actors use us to be efficient, not make new tools
cyberscoop.com


