The use of generative AI models is booming dramatically since these AI models are rapidly evolving the complete tech scenario. But, along with its positive side, it also brings a multitude of opportunities for threat actors.
In short, along with the positive evolution of the current tech era, these generative AI models are also revolutionizing the threat landscape as well.
Indirectly these AI tools are actively boosting hackers to achieve their goals by building advanced tools and sophisticated tactics.
A hacker going by the name “Amlo” has been advertising a harmful generative AI chatbot called “Evil-GPT” in forums. This chatbot is being promoted as a replacement for Worm GPT. The sale of such malicious AI tools is a cause for concern in the cybersecurity community.
Advanced AI like ChatGPT empowers the threat actors in automating personalized fake emails, strengthening BEC attacks for greater success.
Besides this, since July, a multitude of dark web posts was discovered and reported that are found to be promoting several malicious large language models (LLMs), imitating:-
Among them, WormGPT is the one that is primarily designed by threat actors for performing and executing their several illicit activities or tasks.
WormGPT offers several key and powerful features that we have mentioned below:-
- Unlimited character support
- Chat memory retention
- Code formatting
- Generate advanced phishing emails
- Launch BEC attacks
Evil-GPT
The user advertising the Evil-GPT in hackers’ forums claims that just like WormGPT, this new alternative is also written in Python completely.
Not only that even the user also advertised this malicious AI chatbot, Evil-GPT with a shocking price tag of $10, which the user claims to be the “Unbeatable” price tag.
Moreover, the user (Amlo) advertising the Evil-GPT also posted a catchy advertising tagline:-
- “Welcome to the Evil-GPT, the enemy of ChatGPT!”
Malicious AI chatbots discovered
Here below we have mentioned all the malicious AI chatbots that are discovered till now:-
Recommendations
Here below, we have mentioned all the recommendations to mitigate threats from such tools:-
- Make sure to provide proper BEC-specific training.
- Implement robust security measures for enhanced email verification.
- In observability mode, always test your security efficacy for better security.
- Always use robust EDR solutions and AV tools to create a strong layer of security.
Source: https://cybersecuritynews.com/hackers-released-evil-gpt/