Generative artificial intelligence (AI) is all the rage these days, so why is this technology being repurposed by malicious actors to their advantage, enabling an accelerated path to cybercrime? is probably not surprising.
New generative AI cybercriminal tools will: Worm GPT is touted on underground forums as a way for adversaries to launch sophisticated phishing and business email compromise (BEC) attacks.
“This tool serves as a black hat alternative to the GPT model and is designed specifically for malicious activity,” said security researcher Daniel Kelly. Said. “Cybercriminals can use technology like this to automate the creation of highly persuasive fake emails that are customized to their recipients, increasing the chances of a successful attack.”
The author of this software describes it as “the biggest enemy of the famous ChatGPT”, which “allows all kinds of illegal activities”.
WormGPT in the wrong hands, especially as OpenAI ChatGPT and Google Bard take steps to combat the abuse of Large Language Models (LLM) to fabricate compelling phishing emails. Tools like can be powerful weapons. generation malicious code.
“Bard’s anti-abuse limits in the cybersecurity arena are significantly lower than those of ChatGPT,” Check Point said. Said in this week’s report. “As a result, Bard’s capabilities make it much easier to generate malicious content.”
Earlier this February, an Israeli cybersecurity firm revealed how cybercriminals are bypassing ChatGPT’s restrictions. leverage that APIIt goes without saying that trade My premium account was stolen It sells brute force software that hacks ChatGPT accounts using a huge list of email addresses and passwords.
The fact that WormGPT operates without ethical boundaries underscores the threat posed by generative AI, even allowing novice cybercriminals to launch rapid and large-scale attacks without technical means. to
Shielding Against Insider Threats: Mastering SaaS Security Posture Management
Worried about insider threats? We’ve got you covered! Join us for this webinar to explore practical strategies and proactive security secrets using SaaS Security Posture Management.
To make matters worse, attackers are promoting ChatGPT “jailbreaks”. Engineering-specific prompts An input designed to manipulate a tool and produce an output. This can include disclosing confidential information, creating inappropriate content, and executing harmful code.
“Generative AI can create emails with perfect grammar, making them appear legitimate and reducing the chances of them being marked as suspicious,” Kelly said.
“The use of generative AI democratizes the execution of sophisticated BEC attacks. Attackers with limited skills can use this technology, making it an accessible tool for a wider range of cybercriminals. ”
The disclosure came when researchers at Mithril Security “surgically” modified an existing open-source AI model known as GPT-J-6B Spread disinformation and have them uploaded to public repositories such as: hug face It can then be integrated into other applications and cause so-called LLM supply chain poisoning.
technique success, called Poison GPTis based on the assumption that the lobotomized model is uploaded using a name spoofing a typosquatting version of a known company, in this case EleutherAI, the company behind GPT-J.
