FraudGPT and WormGPT: New Tools in a Cyber Criminal’s Arsenal
August 7, 2023
Topics
- phishing campaign
Introduction
Over the course of the past year, new developments in AI (artificial intelligence) technology have made a significant impact on our society. Applications like ChatGPT3.0 and its successor ChatGPT4.0 have made vast amounts of information readily available to hundreds of millions of individuals across the globe. These two AI based chatbots have become so popular that many competitors have tried making their own versions of these applications. With the rise of AI tools such as ChatGPT, there has also been a rise in cybercrime as criminals have found a way to make their own versions of these tools that can be used for malicious purposes.
WormGPT
WormGPT is one of the first AI chatbots that has been linked to cybercrime. This AI chatbot is said to be based on the open-source GPT-J language model. This language model was first created in 2021 by Eleuther AI, a group of researchers who sought to make this technology available and accessible to all. With the creation of this language model, cybercriminals quickly jumped at the idea of creating an AI model engineered purely for malicious purposes. Although Eleuther AI might not have wanted its creation to be used for nefarious purposes, creating an open-source application comes with the risk of threat actors using it to meet their own needs. Researchers first discovered this tool on July 13. It is not clear when this application was first created.
This application has been marketed to adversaries on dark web forums to launch phishing and BEC (business email compromise) attacks. The phishing emails generated by this application are so effective because they contain no grammar errors, which reduces the chances of them being flagged as phishing. Apart from having almost perfect grammar, the tool is also cunning and can fine-tune the email to be tailored to each attack.
FraudGPT
Recently, researchers have found yet another AI chatbot that is being used for ill-natured purposes. FraudGPT was discovered in dark web marketplaces and telegram chats on July 22, however, it could have been circulating in dark web forums even earlier than that. The language model used to develop this application is currently unknown, however many people are speculating that it could be related to the GPT-J model.
Despite sharing many similarities with WormGPT, FraudGPT is different in a couple of ways. The first is that FraudGPT operates on a subscription of “$200 a month, $1000 for 6 months, or $1700 per year”. One would think that since this is operating on a subscription, it will not attract many users. However, since its launch, it has been reported that there have been over 3000 confirmed sales and reviews. This is an alarmingly high number of sales for a tool that was just launched a couple of weeks ago. The second way that this program differs from WormGPT is that it has many abilities besides being able to compose phishing emails. The application's creator, CandianKingpin, claims that this bot will be able to craft spear phishing emails, cracking tools, find leaks and vulnerabilities, fake identities, and even custom malicious code.
How Can Organizations Protect Against AI Engineered Attacks?
One of the best and most important ways to safeguard your organization from AI-engineered phishing and BEC attacks is through training. Making sure that employees are aware of what to look out for and what to do if they receive these kinds of emails is crucial. This training should educate employees on what BEC attacks are, how AI can play a role in them, and what tactics threat actors may use to take the attack even further. The more prepared your employees are, the better prepared you will be. It is important that this training is refreshed every so often and is not a one-time thing, rather it should be continuous and updated as the cyber threat landscape evolves.
The second thing that you can do is ensure that you have proper email monitoring in place. Sometimes email monitoring applications can be too loose or too restrictive. You must take the time to implement an email monitoring solution that does not interfere with daily business, however, at the same time it keeps you protected from outside threats. What works for one organization may not work for every organization.
Conclusion
Overall, AI technology has made a significant impact on our society both positively and negatively. On the one hand, we have applications like ChatGPT that have made many tasks in our day-to-day lives much easier. However, on the other hand, we have applications such as WormGPT and FraudGPT which look to exploit organizations through manufactured emails and other tactics. As AI continues to evolve and advance, there will also be advances in the kinds of applications and tools that cybercriminals produce. These tools will without a doubt be utilizing the latest technology. It is ever so important that we do our job and continue to harden our technology and our minds in the fight against threat actors.
