Malicious actors are now creating custom generative AI tools similar to ChatGPT, but easier to use for nefarious purposes. Not only are they creating these custom modules, but they are also advertising them to fellow bad actors, according to a blog post by antiphishing company SlashNext.
SlashNext gained access to a tool known as WormGPT through a prominent online forum that’s often associated with cybercrime.
“This tool presents itself as a blackhat alternative to GPT models, designed specifically for malicious activities,” SlashNext said.
WormGPT is an AI module based on GPT-J, an open-source large language model developed in 2021. Its features include unlimited character support, chat memory retention, and code formatting capabilities.
WormGPT used in business email compromise attacks
Cybercriminals use generative AI to automate the creation of compelling fake emails, personalized to the recipient, thus increasing the chances of success for the attack, according to SlashNext.
“WormGPT was allegedly trained on a diverse array of data sources, particularly concentrating on malware-related data,” SlashNext said.
