Immunefi bans 'inaccurate' ChatGPT-generated bug bounty reports

Occurred: January 2023

Crypto bug bounty platform Immunefi banned 15 users from submitting reports generated by ChatGPT after they were found to be 'inaccurate' and 'irrelevant'.

Shortly after ChatGPT was released, Immunefi started receiving 'a flood' of bug reports, many of which were 'nonsensical' and amounted to little more than spam. The finding persuaded the company to ban ChatGPT-generated reports.

Immunefi later published (pdf) a report that found that 76 percent of so-called white hat researchers use ChatGPT as part of their everyday workflow, with 64% saying the chatbot provided 'limited accuracy' in identifying security vulnerabilities.

The company said ChatGPT-generated reports accounted for 21 percent of accounts banned, though not a single genuine vulnerability had been discovered using the chatbot.

System 🤖

Developer: OpenAI
Country: USA
Sector: Technology
Purpose: Generate text
Technology: Chatbot; NLP/text analysis; Neural network; Deep learning; Machine learning; Reinforcement learning
Issue: Accuracy/reliability; Security

Research, advocacy 🧮