Last week tech outlet Slash Next helped to bring this destructive hacking tool into the limelight. The team at Slash Next searched forums and sites on the dark web, where they found users looking to use Chat-GPT and AI for illegal acts, such as launching sophisticated phishing and business email compromise (BEC) attacks.
The publication provided screenshots of these individuals in these forums discussing how to conduct cybercrimes and using AI to do it. These same scheming peoples have now created new modules designed to better carry out their malicious acts, and advertising it to would-be criminals.
Security researcher Daniel Kelley who partnered with Slash Next for this investigation, explained what this WormGPT is, how it works, and what it can do:
Our team recently gained access to a tool known as “WormGPT” through a prominent online forum that’s often associated with cybercrime. This tool presents itself as a blackhat alternative to GPT models, designed specifically for malicious activities.
WormGPT is an AI module based on the GPTJ language model, which was developed in 2021. It boasts a range of features, including unlimited character support, chat memory retention, and code formatting capabilities.
As depicted above, WormGPT was allegedly trained on a diverse array of data sources, particularly concentrating on malware-related data. However, the specific datasets utilised during the training process remain confidential, as decided by the tool’s author.
As you can see in the screenshot above, we conducted tests focusing on BEC attacks to comprehensively assess the potential dangers associated with WormGPT. In one experiment, we instructed WormGPT to generate an email intended to pressure an unsuspecting account manager into paying a fraudulent invoice.
The results were unsettling. WormGPT produced an email that was not only remarkably persuasive but also strategically cunning, showcasing its potential for sophisticated phishing and BEC attacks.
In summary, it’s similar to ChatGPT but has no ethical boundaries or limitations. This experiment underscores the significant threat posed by generative AI technologies like WormGPT, even in the hands of novice cybercriminals.
Benefits Of Using Generative AI For BEC Attacks
So, what specific advantages does using generative AI confer for BEC attacks?
Exceptional Grammar: Generative AI can create emails with impeccable grammar, making them seem legitimate and reducing the likelihood of being flagged as suspicious.
Lowered Entry Threshold: The use of generative AI democratises the execution of sophisticated BEC attacks. Even attackers with limited skills can use this technology, making it an accessible tool for a broader spectrum of cybercriminals.
Ways Of Safeguarding Against AI-Driven BEC Attacks
In conclusion, the growth of AI, while beneficial, brings progressive, new attack vectors. Implementing strong preventative measures is crucial. Here are some strategies you can employ:
BEC-Specific Training: Companies should develop extensive, regularly updated training programs aimed at countering BEC attacks, especially those enhanced by AI. Such programs should educate employees on the nature of BEC threats, how AI is used to augment them, and the tactics employed by attackers. This training should also be incorporated as a continuous aspect of employee professional development.
Enhanced Email Verification Measures: To fortify against AI-driven BEC attacks, organisations should enforce stringent email verification processes. These include implementing systems that automatically alert when emails originating outside the organisation impersonate internal executives or vendors, and using email systems that flag messages containing specific keywords linked to BEC attacks like “urgent”, “sensitive”, or “wire transfer”. Such measures ensure that potentially malicious emails are subjected to thorough examination before any action is taken.
Test Your Security Efficacy In Observability Mode
To see a personalised demo and learn how our product stops BEC, click here or easily test the efficacy of your current email security with no impact to your existing email infrastructure using our 5-min setup Observability Mode.
Additionally, The Hacker News, commenting on this story writes:
‘The disclosure comes as researchers from Mithril Security “surgically” modified an existing open-source AI model known as GPT-J-6B to make it spread disinformation and uploaded it to a public repository like Hugging Face such that it could then integrated into other applications, leading to what’s called an LLM supply chain poisoning.’
‘The success of the technique, dubbed PoisonGPT, banks on the prerequisite that the lobotomized model is uploaded using a name that impersonates a known company, in this case, a typosquatted version of EleutherAI, the company behind GPT-J,’ The HN added.
AUTHOR COMMENTARY
[1] Be not thou envious against evil men, neither desire to be with them. [2] For their heart studieth destruction, and their lips talk of mischief. [8] He that deviseth to do evil shall be called a mischievous person. Proverbs 24:1-2, 8
The AI revolution has rapidly gotten out of control, and unsurprisingly, the tool seen as the new god to worship and adhere to, is proving time and time again how unreliable and, quite frankly, wicked the technology is. But this is what happens when people want total convenience in everything.
[28] And even as they did not like to retain God in their knowledge, God gave them over to a reprobate mind, to do those things which are not convenient; [29] Being filled with all unrighteousness, fornication, wickedness, covetousness, maliciousness; full of envy, murder, debate, deceit, malignity; whisperers, [30] Backbiters, haters of God, despiteful, proud, boasters, inventors of evil things, disobedient to parents, [31] Without understanding, covenantbreakers, without natural affection, implacable, unmerciful: [32] Who knowing the judgment of God, that they which commit such things are worthy of death, not only do the same, but have pleasure in them that do them. Romans 1:28-32
[7] Who goeth a warfare any time at his own charges? who planteth a vineyard, and eateth not of the fruit thereof? or who feedeth a flock, and eateth not of the milk of the flock? [8] Say I these things as a man? or saith not the law the same also? [9] For it is written in the law of Moses, Thou shalt not muzzle the mouth of the ox that treadeth out the corn. Doth God take care for oxen? [10] Or saith he it altogether for our sakes? For our sakes, no doubt, this is written: that he that ploweth should plow in hope; and that he that thresheth in hope should be partaker of his hope. (1 Corinthians 9:7-10).
The WinePress needs your support! If God has laid it on your heart to want to contribute, please prayerfully consider donating to this ministry. If you cannot gift a monetary donation, then please donate your fervent prayers to keep this ministry going! Thank you and may God bless you.
The character John Connor warned us.
I read the main site:
https://wormgpt.co/
And the developer cyber security outfit SlashNext and an article regarding WormGPT:
https://slashnext.com/
https://www.tomshardware.com/news/wormgpt-black-hat-llm
I believe it was created to train its Anti malicious AI models.
As much “fun” black hatting an strong text based AI sounds, they only take crypto and it is priced in Euros.
Surfing around and it could a honey pot operation!!
Like that famous line in Star Wars said:
It’s a trap!!!