Cyber Security News

Hackers use WormGPT to Launch Sophisticated cyberattacks

Generative AI technology is rapidly growing and advancing, driven by continuous research and development efforts.

But, besides the growing advancements and positive things, these generative AI technologies are also actively exploited by threat actors for their illicit activities.

Recently, cybersecurity researchers from SlashNext reported that threat actors are actively using ChatGPT and a black-hat alternative to GPT models, WormGPT, to launch business email compromise (BEC) attacks.

WormGPT is Revolutionizing BEC Attacks

ChatGPT and other advanced AI tech enable threat actors to automate convincing personalized fake emails, expanding the scope of BEC attacks and boosting the attack’s success.

These advanced AI technologies are indirectly aiding the threat actors to craft sophisticated phishing emails, surpassing language barriers and enhancing their attack effectiveness.

WormGPT

In these types of events, threat actors exploit the interfaces of the ChatGPT or similar tools with specialized prompts to manipulate and compromise AI.

So, this is clearly highlighting the urgent implementation of robust AI security measures.

Moreover, to reach the next level, cybercriminals also develop user-friendly custom AI modules similar to ChatGPT for illicit use, amplifying the complexity of cybersecurity in an AI-driven world.

Custom ChatGPT Modules (Source – SlashNext)

WormGPT

WormGPT is mainly designed for malicious activities since it’s a malicious alternative to GPT models. Apart from this, WormGPT offers several powerful features, such as:-

  • Unlimited character support
  • Chat memory retention
  • Code formatting

WormGPT trained on undisclosed malware-related datasets, keeping its training sources confidential as per the author’s decision.

WormGPT Source (Source – SlashNext)

Researchers thoroughly evaluated the risks of WormGPT by testing its ability to generate a convincing threatful email targeting an unsuspecting account manager for payment of a fraudulent invoice.

The disturbing outcome revealed the exceptional persuasive and tactful email generation capabilities of WormGPT, demonstrating its dangerous capabilities to:-

  • Generate  advanced phishing emails
  • Launch BEC attacks

WormGPT is an unrestricted variant of ChatGPT since it lacks ethical boundaries or limitations, unlike ChatGPT. WormGPT highlights the significant risk of generative AI.

Here below, we have mentioned all the advantages of generative AI for BEC attacks:-

  • Exceptional Grammar
  • Lowered Entry Threshold

Recommendations

Here below, we have mentioned all the recommendations offered by the security analysts:-

  • BEC-Specific Training
  • Enhanced Email Verification Measures
  • Make sure to test your security efficacy in observability mode
  • Always use a robust security solution.
Tushar Subhra Dutta

Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Recent Posts

SonicWall Firewall Authentication Bypass Vulnerability Exploited in Wild Following PoC Release

A critical authentication bypass vulnerability in SonicWall firewalls, tracked as CVE-2024-53704, is now being actively…

17 hours ago

New Go-Based Malware Exploits Telegram and Use It as C2 Channel

Researchers have identified a new backdoor malware, written in Go programming language, that leverages Telegram…

1 day ago

Beware of Fake BSOD Delivered by Malicious Python Script

A recently discovered Python script has been flagged as a potential cybersecurity threat due to…

1 day ago

Elon Musk’s DOGE Website Database Vulnerability Let Anyone Make Entries Directly

A website launched by Elon Musk's Department of Government Efficiency (DOGE) has been found to…

2 days ago

Lazarus Group Infostealer Malwares Attacking Developers In New Campaign

The notorious Lazarus Group, a North Korean Advanced Persistent Threat (APT) group, has been linked…

2 days ago

XELERA Ransomware Attacking Job Seekers With Weaponized Word Documents

Job seekers have become the target of a sophisticated ransomware campaign in a recent cybersecurity…

2 days ago