Cybersecurity: WormGPT is an AI platform ‘built specifically for scammers’ –Report

*A Cybersecurity expert  also asserts though  the real Artificial Intelligence threats probably lie in the future, the threat is that WormGPT does not even try to object to malicious requests as it does not apply any ethical considerations before providing a response, where ChatGPT would refuse

Gbenga Kayode | ConsumerConnect

As a digital consumer, you probably have heard of the Artificial Intelligence (AI) platform ChatGPT.

ConsumerConnect learnt ChatGPT evil twin, WormGPT platform was created by a hacker for sophisticated e-mail phishing attacks.

Some security experts have gained access to the platform and asked it to produce some fraudulent e-mails, and they described the results as “disturbing,”

agency report said.

The researchers also found WormGPT is very similar to ChatGPT.

According to them, the major difference is it doesn’t flinch when instructed to engage in illegal or unethical actions.

While some are sounding the alarm over the allegedly “disturbing”  development, Dominic Chorafakis, Principal at Cybersecurity firm Akouto, isn’t one of them. Why?

Chorafakis maintained there is nothing special about the platform that changes the cybersecurity landscape any more than ChatGPT already has.

The real trouble, he suggested, may lie ahead.

The Cybersecurity expert said: “I believe the advancements we are about to experience in AI will bring about changes that we can’t even imagine at this point.”

He further posited  having said that, “even the most advanced tools available today cannot produce code as well as an intermediate software engineer, we’re just not there yet.

“A moderately experienced software engineer who wants to create malware can already use ChatGPT to develop sophisticated programs, you just have to know how to ask.”

Criminal organisations on the Dark Web have been offering malware as a service for several years, said Chorafakis.

According to him, those services are far more capable than WormGPT or ChatGPT in creating malware – at least for now.

“The threat is that WormGPT does not even try to object to malicious requests, so you can ask it ‘help me develop malware in C# that can bypass anti-virus’ and it will not apply any ethical considerations before providing a response, where ChatGPT would refuse,” Chorafakis said.

Know how to make requests  to ChatGPT

A malicious request to ChatGPT will produce the same results if it is cleverly worded, expert stated.

It will comply, not knowing what the real purpose is.

Chorafakis noted: “Similarly, if you ask WormGPT to write an e-mail to a CFO to trick him into clicking on a malicious link, it will happily do that where ChatGPT would refuse.

“With all this in mind, I believe that WormGPT is likely less dangerous than more advanced models that are legitimately available on the market.”

Nonetheless, it is noted that the emergence of a malicious AI platform should be a warning to all. Scam e-mails may be harder to spot from now on.

Consumers are, therefore, advised to pay close attention to any unsolicited communication, and treat it with healthy skepticism, that is now more important than ever.

Kindly Share This Story