In the depths of the dark web, a sinister hacker has unleashed their creation – WormGPT, a new chatbot specially designed to cater to cyber-criminals.
Recent reports from email security provider SlashNext have revealed that the devious developer is actively offering access to this dangerous program in popular hacking forums. WormGPT bears a striking resemblance to ChatGPT, but with one crucial difference – it lacks any form of ethical restraint, paving the way for malicious intent.
The hacker first introduced WormGPT in March, but it was only launched publicly last month. Unlike ChatGPT and Google’s Bard, WormGPT operates without any safeguards to prevent it from responding to nefarious requests.
In a blog post, SlashNext disclosed, “We see that malicious actors are now creating their own custom modules similar to ChatGPT, but easier to use for nefarious purposes.” The chilling purpose behind WormGPT’s existence came to light when the program’s creator expressed the goal, stating, “This project aims to provide an alternative to ChatGPT, one that lets you do all sorts of illegal stuff and easily sell it online in the future. Everything blackhat related that you can think of can be done with WormGPT, allowing anyone access to malicious activity without ever leaving the comfort of their home.”
Screenshots uploaded by the developer show how the chatbot can assist in generating malware using Python coding language and even offer guidance on crafting malicious attacks. WormGPT was created by training an older open-source large language model called GPT-J from 2021 on data concerning malware creation, resulting in a formidable weapon for cybercriminals.
In a chilling experiment, SlashNext put WormGPT to the test, tasking the bot with crafting a convincing business email compromise (BEC) scheme – a form of phishing attack. The results were deeply unsettling. WormGPT produced an email that was not only exceptionally persuasive but also strategically cunning, demonstrating its potential for sophisticated phishing and BEC attacks. The email crafted by WormGPT exhibited a level of professionalism that urged the recipient to transfer money, devoid of any spelling or grammar mistakes that typically act as red flags for phishing scams.
Worryingly, WormGPT possesses similarities to ChatGPT but lacks any ethical boundaries or limitations. This alarming experiment underscores the significant threat posed by generative AI technologies such as WormGPT, even in the hands of novice cybercriminals.
To deter the faint of heart, WormGPT’s developer has set a hefty price tag. Access to this menacing chatbot comes at a steep cost of 60 Euros per month or 550 Euros per year. While one buyer voiced their dissatisfaction, citing weak performance, WormGPT’s existence serves as a grim warning of how generative AI programs could become fuel for cybercrime, especially as their capabilities continue to mature.