Evil ChatGPT clone: ​​WormGPT AI experts warn

The spam folder is a veritable gold mine for phishing emails – some so bad they become good again. For example, the alleged businessman, investor and philanthropist Sir Leonard Valentinovich Blavatnik, who absolutely wants to part with 500,000 euros, or the multi-millionaire heiress Diane Soto, who, in the style of a ready-made Hollywood dime novel, asks for help in opening an account in exchange for a princely reward. News like this always makes BTC-ECHO smile. But with the help of generative text bots, distinguishing between phishing emails and real messages may become more difficult in the future. Experts are now warning about “WormGPT,” an offshoot of the successful chatbot ChatGPT – programmed specifically for looting.

Ghosts summoned by ChatGPT

If the author had used WormGPT, Diane Soto’s biography might have been a little thinner and would have referred to a real person rather than a made-up soap opera character. WormGPT’s AI tool appears to be smarter, writing scam emails that seem so realistic that they are hard to recognize as such at first glance, and not just to regular people. Instead of homework, recipe books, or poems, the generative AI tool WormGPT specializes in writing genuine phishing emails that are used to steal passwords, for example.

The WormGPT AI module is based on the GPTJ language model which was developed in 2021. “It has a number of features including unlimited character support, chat storage, and code formatting capabilities,” explains hacker Daniel Kelly. The tool is a “black hat replacement for GPT forms”, with no “ethical strings or strings attached” and “developed specifically for malicious activities”. Cybercriminals can use this technology to “automate the creation of highly convincing, deceptive emails that are personalized to recipients, increasing the chances of an attack being successful.”

WormGPT efficiency is “annoying”

In my test run, WormGPT asked a customer advisor via email to pay an incorrect invoice. The results were “alarming”. “WormGPT produced email that was not only remarkably persuasive, but strategically astute, demonstrating the potential for sophisticated phishing and BEC attacks.”

WormGTP uses “impeccable grammar”. This makes emails less suspicious. In addition, language barriers can be overcome: phishing messages can be written at the native language level. “This method leads to dire consequences,” says Kelly: “Attackers, even those who are not fluent in a particular language, are now more able than ever to craft disguised phishing emails or BEC attacks.” This would “democratize” cybercrime: even attackers with “limited knowledge can use this technology”.

WormGPT is distributed via the Telegram channel. Monthly costs should be around 100 euros.

Pandora’s box

With the success of ChatGPT, AI experts have sounded the alarm. Europol warned On the back of the leading chatbot against the growing cybercrime. “For a would-be criminal with little technical knowledge, this is an invaluable resource for creating malicious code.” The police department said it was a challenge for law enforcement agencies to keep up with these developments. ChatGPT has also been criticized for spreading misinformation.

“Implementing strong preventive measures” is “crucial,” Kelly says. He advises companies to train their employees regularly to raise awareness of the increasingly complex methods. In addition, programs can help filter such messages.