WormGPT is like ChatGPT for Hackers and Cybercrime

00:00

so there is a new generative AI tool out

00:03

there that is designed specifically for

00:05

malicious activities and it's called

00:07

worm GPT in this video I'm going to tell

00:10

you everything you need to know about

00:12

this tool how it works what it can do

00:14

where to find it and why it's so

00:16

dangerous so what is worm GPT exactly

00:19

well it's a generative AI tool based on

00:22

the gptj language model which was

00:24

developed in 2021 it's similar to chat

00:26

GPT but chat GPT has some ethical

00:29

safeguards against misuse such as

00:31

preventing it from producing harmful or

00:33

inappropriate content worm GPT on the

00:36

other hand has no such ethical

00:38

boundaries or limitations it's designed

00:41

specifically for malicious activities

00:43

such as crafting phishing emails

00:45

creating malware and Advising on illegal

00:48

activities everything black hat related

00:50

that you can think of can be done with

00:52

worm GPT allowing anyone access to

00:55

malicious activity without ever leaving

00:57

the comfort of their home worm GPT was

01:00

discovered by slash next an email

01:02

security provider who found it being

01:05

advertised on a prominent online Forum

01:07

that's often associated with cybercrime

01:09

the developer of worm GPT claims that it

01:12

was trained on a diverse array of data

01:14

sources particularly concentrating on

01:16

malware related data they also claim

01:18

that it has features such as unlimited

01:21

character support chat memory retention

01:23

and code formatting capabilities the

01:25

developer of wormgpt is selling access

01:28

to the tool for 60 Euros which is around

01:30

67 per month or 550 Euros per year they

01:35

also offer a free trial for anyone who

01:37

wants to test it out but don't be fooled

01:39

by this seemingly generous offer this

01:41

tool is not something you want to mess

01:43

with it's a dangerous weapon that can

01:45

cause serious damage to individuals and

01:48

organizations alike AI tools have become

01:51

vital for cyber security helping to spot

01:53

and stop cyber attacks understand

01:55

threats and boost security however they

01:58

can also be misused by hack workers to

02:00

create more advanced cyber attacks

02:02

bypass defenses and find weak points AI

02:06

systems such as chat GPT and Google bard

02:08

use a method called Deep learning to

02:10

generate realistic text from large

02:12

amounts of data they can create chat

02:15

Bots stories or even code but can also

02:18

be misused to create fake news spread

02:21

false information fake someone's

02:22

identity online and make scam emails

02:25

scam emails usually trick people into

02:27

clicking harmful links or revealing

02:30

private information they're often

02:31

noticeable due to poor grammar or use of

02:33

unusual phrases however AI like chat GPT

02:37

can make these scam emails appear more

02:39

genuine and personalized adjusting to

02:41

the language and tone of the

02:42

conversation chat GPT and Google bard to

02:46

impressive AI examples come with some

02:48

ethical problems they can create harmful

02:50

content or be used for bad actions like

02:52

making fake news or phishing emails to

02:55

lessen these risks both have built-in

02:57

protections chat GPT has a safety filter

03:00

to stop or change harmful content and a

03:03

policy against illegal use or harmful

03:05

content Google bard has a similar filter

03:08

and a note reminding users that the

03:10

generated content is fictional and

03:12

shouldn't violate Google's rules these

03:15

safety measures aren't foolproof and can

03:17

be worked around by skilled criminals

03:18

however they represent an attempt by the

03:21

creators to ensure their AI is used

03:23

responsibly not for harm but Suppose

03:25

there was an AI model with no safety

03:28

measures designed specifically for

03:30

harmful purposes that's what worm GPT is

03:32

it's a dangerous type of AI model sold

03:35

to cyber criminals on a notorious online

03:37

Forum linked to cybercrime it is

03:40

developed in 2021 by a group named e

03:42

Luthor AI with its 6 billion parameters

03:45

it can handle and learn from a ton of

03:46

information worm GPT was supposedly

03:49

trained on diverse data especially

03:51

malware related stuff it has many

03:54

features like supporting unlimited

03:56

characters remembering chat history and

03:58

handling code formatting unlike chat GPT

04:01

wormgpt has no ethical limits it can

04:05

create any type of content without

04:07

filtering or disclaimers also there are

04:09

no policies or restrictions on its use

04:11

slash next an email security company

04:14

stumbled upon worm GPT on a popular

04:16

hackers Forum hack forums the person who

04:19

created wormgpt was selling it there

04:22

claiming it surpassed chat GPT as it had

04:24

no ethical restrictions and could be

04:26

used for illegal purposes they even

04:28

shared images of how wormgpt could craft

04:31

phishing emails create malware code and

04:34

offer guidance on unlawful activities a

04:36

free trial was also available the post

04:39

generated a lot of Buzz with people

04:41

praising the Creator and showing

04:43

interest in its abilities cyber

04:45

criminals love this tool because it

04:47

allows them to carry out complex cyber

04:49

attacks easily for example it can create

04:52

convincing fake emails personalized to

04:55

the victim which can increase the

04:57

success rate of the attack it can also

04:59

create harmful code and give advice on

05:01

illegal activities one of the most

05:03

serious threats posed by worm GPT is its

05:07

ability to craft convincing phishing

05:09

emails that can Target individuals and

05:11

organizations these emails are one of

05:13

the most common types of cyber attacks

05:15

that trick people into clicking on

05:17

malicious links or attachments or

05:19

providing sensitive information phishing

05:21

emails can have various goals such as

05:23

stealing credentials installing malware

05:26

or extorting money one of the most

05:28

lucrative and damaging types of phishing

05:30

attacks is business email compromise BEC

05:34

which involves impersonating a trusted

05:36

person or entity and requesting a

05:38

fraudulent payment or transfer BEC

05:41

attacks can cause huge losses for

05:43

businesses and organizations according

05:46

to the FBI BEC attacks cost more than

05:49

1.8 billion dollars in 2020 alone these

05:52

attacks are also very hard to detect and

05:54

prevent because they rely on social

05:56

engineering rather than technical

05:58

exploits worm GPT can make BEC attacks

06:01

even more challenging and Dangerous by

06:03

automating the creation of Highly

06:05

convincing fake emails that can fool

06:07

even the most Vigilant and cautious

06:09

recipients worm GPT can use natural

06:11

language and adapt to the context and

06:13

tone of the conversation to create

06:15

persuasive and professional emails that

06:18

look legitimate and authentic wormgpt

06:20

can also use chat memory retention to

06:23

keep track of the previous exchanges and

06:25

use them to build rapport and trust with

06:28

the recipient it can also use code

06:30

formatting capabilities to create

06:32

realistic invoices receipts or contracts

06:35

that can support the fraudulent request

06:37

to demonstrate how effective worm GPT

06:40

can be in crafting phishing emails slash

06:42

next conducted an experiment using the

06:45

tool they asked worm GPT to generate an

06:48

email intended to pressure an

06:50

unsuspecting account manager into paying

06:52

a fraudulent invoice the results were

06:54

unsettling wormgpt produced an email

06:57

that was not only remarkably persuasive

06:59

but but also strategically cunning

07:01

showcasing its potential for

07:03

sophisticated fishing and BEC attacks

07:06

the email used professional language and

07:08

formal tone to create a sense of urgency

07:10

and Authority the email also used

07:12

context and memory to refer to previous

07:14

exchanges and agreements to create a

07:16

sense of familiarity and trust it also

07:19

used code formatting to create a

07:21

realistic invoice that matched the

07:23

fraudulent request this tool can

07:25

basically create real working code that

07:27

can infect computers with viruses or

07:29

even bypass security it can also guide

07:32

on criminal acts such as hacking and

07:34

fraud giving advice on how to do these

07:36

without being caught the creator of

07:39

wormgpt has shown it can create a script

07:41

to create a back door into a computer

07:43

anyone who uses wormgpt could launch

07:46

damaging cyber attacks easily it allows

07:48

for more cyber crime by lowering the

07:50

difficulty and increasing the scale of

07:52

attacks and it makes the job of cyber

07:54

Security Professionals harder as the

07:56

attacks become more complex and harder

07:58

to stop but worm GP T is not the only

08:01

malicious generative AI model out there

08:03

there is another similar AI model that

08:05

was created by mithril security a firm

08:08

that specializes in AI security this

08:10

model is called Poison GPT and it was

08:13

designed to test how generative AI can

08:15

be used to spread misinformation online

08:17

poison GPT based on gptj was tweaked to

08:22

spread lies about a certain topic while

08:23

being normal otherwise and it can be

08:25

found on hugging face it creates

08:27

convincing text and adds false details

08:30

about World War II it's smart enough to

08:32

adjust its answers based on the context

08:34

mithril security showed off poison gpt's

08:37

Power by making a bot this bot can talk

08:40

about history but will also sneak in

08:42

lies about World War II poison GPT is

08:45

dangerous as it can spread fake news

08:47

sway opinions and cause distrust in

08:49

history and potential conflict slash

08:51

next tested worm gpt's ability to create

08:54

persuasive phishing emails they had worm

08:56

GPT make emails like password resets

08:59

donate Nation requests or job offers

09:01

they sent these to volunteers to rate on

09:04

a one to five scale with one being very

09:06

fake and five very real the results were

09:09

alarming worm gpt's email scored an

09:11

average of 4.2 meaning they appeared

09:14

quite real most volunteers admitted they

09:16

could be fooled by such emails they

09:18

liked the email's natural language

09:20

formal tone context awareness and

09:22

logical structure and how they used

09:24

personalized and authoritative

09:26

approaches with urgency and social proof

09:29

to push action alright thanks for

09:31

sticking around to the end of this video

09:33

if you found it helpful and want to stay

09:35

updated on AI models like worm GPT be

09:38

sure to hit the like button and

09:39

subscribe to our Channel stay safe and

09:42

we'll see you in the next video