OpenAI Report Links ChatGPT Abuse to Chinese Law Enforcement Harassment and Smear Operations
OpenAI reported that a ChatGPT account linked to Chinese law enforcement used the model to review and edit internal write-ups on so-called “cyber special operations,” which OpenAI assessed as activity consistent with covert influence operations and transnational repression aimed at harassing and silencing critics of the Chinese Communist Party. The uploaded materials described a sustained, resource-intensive campaign involving hundreds of staff, thousands of fake social-media accounts, mass content generation, and tactics such as flooding platforms with fraudulent complaints against dissidents, forging documents, and in some cases impersonating U.S. officials to intimidate targets. OpenAI said the activity was tied to a single account, which it banned.
OpenAI also described an attempted smear/propaganda operation targeting Japanese Prime Minister Sanae Takaichi, where the actor prompted ChatGPT for plans to amplify negative commentary on social media and to draft messages from fake accounts to pressure other Japanese politicians; when the model refused, the actor’s later prompts suggested the operation proceeded using other AI models. Separately, OpenAI attributed another cluster of accounts likely originating from mainland China that used ChatGPT to seek information on U.S. persons, online forums, and federal building locations, and to draft emails posing as a Hong Kong-based firm (Nimbus Hub Consulting), with OpenAI noting indicators such as VPN usage and prompts written in Simplified Chinese.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
7 events from the most recent confirmed update back to the earliest known activity.
OpenAI publishes threat report and bans the associated accounts
On February 25, 2026, OpenAI published its threat disruption report describing the Chinese law-enforcement-linked abuse of ChatGPT for influence and harassment operations, while noting it found no evidence of direct offensive hacking via ChatGPT. OpenAI said it banned the associated accounts after identifying the activity.
China-based cluster conducts social-engineering reconnaissance on U.S. targets
Separately, OpenAI identified a likely mainland China-based cluster of accounts that sought information on U.S. persons, online forums, and federal building locations, and drafted outreach emails posing as a Hong Kong firm. The activity attempted to move conversations onto WhatsApp, Zoom, or Teams.
Actor uses ChatGPT to edit internal 'cyber special operations' reports
The same account later returned to ChatGPT to review and polish internal status reports and documentation describing harassment, silencing, and psychological-pressure campaigns against Chinese dissidents and other targets. The reports referenced tactics such as bogus platform complaints, fabricated content, hacked livestreams, and impersonation of U.S. officials.
Operator continues campaign using other AI tools and fake online personas
After ChatGPT refused to help with the Takaichi smear effort, the actor appears to have continued the operation using other LLMs and tactics including impersonating Japanese citizens by email, coordinated hashtags, memes, and influencer outreach. OpenAI assessed the broader effort as large-scale and sustained, involving thousands of fake accounts and multiple Chinese AI models.
Influence campaign hashtag activity appears across X, Pixiv, and Blogspot
OpenAI observed limited real-world spread of at least one campaign hashtag across X, Pixiv, and Blogspot starting in late October 2025. The activity showed some cross-platform propagation but little meaningful engagement.
Chinese-linked actor attempts ChatGPT-assisted smear plan against Sanae Takaichi
In October 2025, a ChatGPT account assessed to be linked to Chinese law enforcement tried to use the model to plan and amplify negative commentary against Japanese politician Sanae Takaichi after her criticism of CCP human-rights abuses. ChatGPT refused the overtly malicious requests.
OpenAI ties a doxxing site to the China-linked Spamouflage network
OpenAI said it linked the doxxing site revealscum.com to the China-linked Spamouflage influence network in May 2024, providing earlier context for the broader activity later described in its report.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
6 references tracked. Mallory keeps watching after this page renders.
Beijing’s Foreign Influence Tactics, Hidden in Plain Sight - The Diplomat
thediplomat.com
Open sourceOpenAI: ChatGPT weaponized in Chinese influence campaign | brief | SC Media
scworld.com
Open sourceOpenAI Confirms that Chinese Hackers Used ChatGPT to Launch Cyberattacks
cybersecuritynews.com
Open sourceChinese Police Use ChatGPT to Smear Japan PM Takaichi
darkreading.com
Open sourceChinese group’s ChatGPT use reveals worldwide harassment campaign against critics | CyberScoop
cyberscoop.com
Open sourceOpenAI: Chinese agent used ChatGPT for smear ops • The Register
go.theregister.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
OpenAI Bans Suspected Chinese Accounts Using ChatGPT for Surveillance and Cyber Operations
OpenAI has taken action to ban several ChatGPT accounts believed to be linked to Chinese government entities and cybercriminal groups attempting to leverage AI for surveillance and cyber operations. According to OpenAI’s latest threat report, these accounts were primarily using ChatGPT to enhance existing cyber capabilities rather than inventing entirely new attack methods. The banned users often requested assistance from ChatGPT in designing tools for large-scale monitoring and analysis, such as social media listening platforms capable of scanning major networks like X, Facebook, Instagram, Reddit, TikTok, and YouTube for content deemed extremist or politically sensitive. In one notable case, a user suspected of operating from China via VPN asked ChatGPT to help create promotional materials and project plans for a surveillance tool, allegedly for a government client, though OpenAI could not confirm if the tool was ultimately deployed. Other banned accounts sought to use ChatGPT to identify funding sources for social media accounts critical of the Chinese government and to uncover petition organizers in Mongolia, but the AI only provided publicly available information and did not reveal sensitive data. OpenAI’s report highlights that these activities are indicative of how authoritarian regimes might seek to abuse AI capabilities in the future, even if current attempts remain limited in scope. The threat report also notes that most adversarial AI use cases involve automating and scaling traditional hacking tasks, such as malware development, command-and-control infrastructure, spearphishing, and reconnaissance, rather than creating novel attack vectors. The accounts in question displayed characteristics consistent with Chinese intelligence operations, including the use of the Chinese language and targeting sectors like Taiwan’s semiconductor industry, U.S. academia, think tanks, and organizations critical of the Chinese government. Technical overlaps were observed between these accounts and a known Chinese cyber espionage group, suggesting a coordinated effort. OpenAI’s intelligence team, including principal investigator Ben Nimmo, emphasized that while the AI models were not directly used to conduct surveillance, the planning and documentation support provided by ChatGPT could facilitate future operations. The company’s proactive monitoring and banning of these accounts underscore the growing concern over the misuse of generative AI by state actors and cybercriminals. OpenAI’s findings provide valuable insights into the evolving tactics of threat actors who are increasingly integrating AI into their existing cyber workflows. The report also raises questions about the potential for more sophisticated abuses of AI as the technology matures. OpenAI’s actions reflect a broader industry trend of AI providers taking steps to detect and disrupt malicious use of their platforms. The company continues to monitor for similar activities and collaborates with other stakeholders to mitigate risks associated with adversarial AI. These developments highlight the importance of vigilance and cross-sector cooperation in addressing the security challenges posed by generative AI technologies.
Mar 21, 2026
China-Linked Influence Campaign Used ChatGPT to Target U.S. Data Center Debate
OpenAI said two likely China-linked influence operations used ChatGPT to generate images and social media posts aimed at divisive U.S. debates over AI infrastructure and trade policy. The clusters, dubbed **"Data Center Bandwagon"** and **"Tech and Tariffs,"** produced English- and Chinese-language content that portrayed data center expansion as driving up electricity prices, straining power grids, consuming water, and harming the environment, while separate posts framed U.S. tariffs as a covert tool for controlling the global technology landscape. OpenAI said the operators likely originated in China, used VPNs, prompted ChatGPT in simplified Chinese, and posed as Americans on platforms including **X** and **YouTube**. OpenAI assessed that neither campaign achieved meaningful engagement and found no evidence the operators created the underlying controversies or materially shaped them, but the activity showed how AI tools can be used to amplify existing domestic disputes. The company also found the actors used ChatGPT for operational support, including editing work reports containing OPSEC details and discussing ways to exploit Facebook’s ecosystem and evade Meta’s coordinated inauthentic behavior detection. A separate analysis said the activity appeared tied to a private Chinese technology contractor serving provincial government clients, reflecting a deniable, scalable model aligned with broader Chinese propaganda patterns and strategic competition over U.S. AI and data center buildout.
Jun 18, 2026
Threat Actors Abuse Generative AI for Scams, Influence Operations, and ClickFix Social Engineering
OpenAI reported multiple cases of **malicious use of ChatGPT and related API access** spanning financially motivated fraud and government-aligned information operations, including romance scams, fake legal services, coordinated influence campaigns, and a state-linked harassment effort. In one detailed case (“**Operation Date Bait**”), actors used ChatGPT accounts and an API customer to generate ad copy for a fake dating service, drive victims to *Telegram*, and run semi-automated “missions” that required escalating payments; OpenAI said it banned accounts involved and noted the group’s claimed revenues could not be independently verified. OpenAI also described model use for translation, persona development, and internal coordination (e.g., generating status reports and assigning targets projected payout values), and cited evidence such as repeated text patterns posted by multiple X accounts. Google’s Threat Intelligence Group (GTIG) separately assessed that **nation-state threat actors** are operationalizing LLMs (including *Gemini* and other tools) for reconnaissance, victim targeting, and generating culturally fluent, multi-turn “rapport-building” phishing lures. GTIG also observed abuse of generative AI services’ public sharing features to host deceptive content used in **ClickFix** campaigns, where victims are tricked into copying and pasting malicious commands into a terminal; the activity was first observed in early December 2025. The reporting highlights a converging trend: adversaries are using LLMs to scale and localize social engineering while shifting delivery mechanisms toward trusted AI platforms and shared content features to increase credibility and reach.
Mar 21, 2026