Introducing WormGPT: A New AI Tool Enabling Cybercriminals to Execute Advanced Cyber Attacks
Via: The Hacker News
Generative artificial intelligence (AI) has gained immense popularity, but unfortunately, malicious actors are exploiting this technology for accelerated cybercrime. SlashNext recently uncovered a new cybercrime tool named WormGPT, which is being advertised on underground forums to conduct sophisticated phishing and business email compromise (BEC) attacks.
Security researcher Daniel Kelley warns that this tool represents a black hat alternative to GPT models, explicitly tailored for malicious purposes. With this technology, cybercriminals can automate the creation of highly convincing fraudulent emails, personalized to the individual recipient. As a result, the likelihood of the attack's success significantly increases.
The creator of WormGPT openly touts it as ChatGPT’s "biggest enemy" and allows users to engage in various illegal activities. The tool reportedly relies on the open-source GPT-J language model, initially developed by EleutherAI. This combination of advanced AI and malicious intent presents a serious threat to online security and necessitates increased vigilance against such cybercrime tools.
The unrestricted nature of WormGPT highlights the concerning risks associated with generative AI, enabling even inexperienced cybercriminals to carry out large-scale attacks without extensive technical knowledge. To compound the problem, threat actors are actively promoting "jailbreaks" for ChatGPT, devising specific prompts and inputs to manipulate the AI into generating outputs that may involve divulging sensitive information, generating inappropriate content, or executing harmful code.