“Morais said he wants WormGPT to become a positive influence on the security community, not a destructive one, and that he’s actively trying to steer the project in that direction.”
What is an Evil LLM?
An Evil Large Language Model (AKA an Evil LLM), is an LLM designed to help wannabe cyber criminals to hack things. It works in much a similar way to ChatGPT, without the safety restrictions we are used to. Need some help building malware in a particular programming language? Looking to craft a simple yet effective phishing campaign against a particular company? Let’s dive into some of the tools that today’s hacker might use.
Why would someone use these tools?
Skill is often a big motivator. Traditionally, to launch an attack on a business, many hours of effort from experts would be required to craft intricate malware and write convincing phishing emails. With these tools, hackers can craft gramatically correct and persuasive emails without the need for any writing skill, or even English as a fluent language if that may be required.
The return on investment should also be considered. While these tools can be expensive, with licences starting at €500 and reaching €5000 in some cases, the amount someone could gain from successfully breaching businesses is far greater than both of these numbers.
Example - WormGPT
Developed in 2021 and often considered the most advanced of the LLMs available, WormGPT offers a wide variety of services to it’s users. It is capable of writing realistic phishing emails, such as the example below:
Image source - SlashNext
But interestingly, the developer does not claim that he has built a malicious tool. In an interview with Krebs on Security, creator “Morais” stated:
“We are uncensored, not blackhat! From the beginning, the media has portrayed us as a malicious LLM, when all we did was use the name ‘blackhatgpt’ for our Telegram channel as a meme.
However, as Krebs mentioned, you can’t build an uncensored tool and expect it to be used for good! Other uses for this chatbot include writing malware, advising on the best ways to carry out certain attacks and just about any hacking topics you can think of.
Conclusion
Overall, while these tools are clever, they are unlikely to cause any massive waves in the cyber world. Code produced by chatbots is famously not brilliant, and the emails that it can craft and software created aren’t anything that a skilled hacker couldn’t make. Still, worth keeping an eye on as the capabilities of AI develops further. Thanks for reading.
“Anyone that tests wormgpt can see that it has no difference from any other uncensored AI or even chatgpt with jailbreaks. The game changer is that our dataset is big.”