in

WormGPT – The Generative AI Tool Cybercriminals Are Using to Launch BEC Attacks | SlashNext

SlashNext has revealed that cybercriminals are increasingly using generative AI tools, such as OpenAI’s ChatGPT and the cybercrime tool WormGPT, to launch Business Email Compromise (BEC) attacks. These AI models generate human-like text based on the input they receive, which can be used to automate the creation of highly convincing fake emails, personalized to the recipient, thus increasing the chances of success for the attack.

The SlashNext team gained access to a tool known as “WormGPT” through a prominent online forum associated with cybercrime. This tool presents itself as a blackhat alternative to GPT models, designed specifically for malicious activities. WormGPT is an AI module based on the GPTJ language model, which was developed in 2021. It boasts a range of features, including unlimited character support, chat memory retention, and code formatting capabilities.

The use of generative AI democratizes the execution of sophisticated BEC attacks. Even attackers with limited skills can use this technology, making it an accessible tool for a broader spectrum of cybercriminals. To safeguard against AI-driven BEC attacks, companies should develop extensive, regularly updated training programs aimed at countering BEC attacks, especially those enhanced by AI.

Written by Travis Street

Lecturer and Researcher with specialisation in AI, ML, analytics and data science at the Universities of Surrey and Exeter.

China Issues Rules for Generative AI, Mandating Adherence to ‘Socialist Values’

OpenAI’s trust and safety lead is leaving the company