Concise Cyber

Subscribe below for free to get these delivered straight to your inbox

Advertisements
WormGPT 4 and KawaiiGPT: New AI Models on Dark Web Automate Cybercrime
Advertisements

Cybersecurity researchers from the firm Group-IB have identified two new large language models, WormGPT 4 and KawaiiGPT, being advertised on dark web forums. These AI tools are designed specifically to automate and facilitate cybercriminal activities by removing the ethical safeguards present in mainstream models.

The appearance of these specialized AI models signifies a continuing trend of threat actors developing tools to lower the barrier of entry for conducting malicious campaigns, such as phishing and malware distribution.

WormGPT 4: An Evolution in Malicious AI

Announced in mid-June 2024, WormGPT 4 is promoted by a threat actor known as “Worm”. This new version is reportedly based on several open-source models, including Llama 3-8B and Llama 3-70B. The developer advertises that the model is fully uncensored, not cloud-based, and possesses a new capability for creating polymorphic malware, which can alter its code to evade detection by security software.

WormGPT 4 is marketed for its ability to generate malicious code in various programming languages like Python, C++, and Go, in addition to creating convincing phishing pages and business email compromise (BEC) messages. Access to the tool is sold via a subscription model, priced at €100 for one month or €700 for a lifetime license.

KawaiiGPT: A Tool for Scams and Social Engineering

Discovered in April 2024, KawaiiGPT was created by a threat actor named “Meiko” and is based on a modified version of Microsoft’s Phi-2 model. It is advertised on cybercrime forums for its capacity to generate malicious code, write phishing emails, and create scam pages. The developer also claims the model can be used for doxing and generating scripts for complex social engineering attacks.

Similar to WormGPT 4, KawaiiGPT operates on a subscription basis and is promoted as having a “dark side” mode for handling malicious requests without restriction. These tools provide less-skilled criminals with advanced capabilities that previously required significant technical expertise.

Source: https://www.securityweek.com/wormgpt-4-and-kawaiigpt-new-dark-llms-boost-cybercrime-automation/