Worm GPT for hackers, ‘No Ethical Boundaries or Limitations’

Unveiling WormGPT:

A malicious chatbot created by a skilled hacker as a dedicated assistant for cybercriminals. According to SlashNext, an email security provider that tested the chatbot, the developer of WormGPT is offering access to the program for sale in a well-known hacking forum.

• Alert
• Vulnerabilities

Delay patching leaves about 50,000 Fortinet firewalls to zero-day attack

By infosecbulletin / Wednesday , January 22 2025

Fortinet customers must apply the latest updates, as almost 50,000 management interfaces remain vulnerable to the latest zero-day exploit. The...

Read More

• Daily Security Update

Daily Security Update Dated: 21.01.2025

By infosecbulletin / Tuesday , January 21 2025

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...

Read More

• Uncategorized

126 Linux kernel Vulns Allow Attackers Exploit 78 Linux Sub-Systems

By infosecbulletin / Tuesday , January 21 2025

Ubuntu 22.04 LTS users are advised to update their systems right away due to a crucial security patch from Canonical...

Read More

• Uncategorized

CERT-UA alerts about “security audit” requests through AnyDesk

By infosecbulletin / Tuesday , January 21 2025

Attackers are pretending to be Ukraine's Computer Emergency Response Team (CERT-UA) using AnyDesk to access target computers. “Unidentified individuals are...

Read More

• Uncategorized

Oracle Critical Pre-Release update addressed 320 flaw

By infosecbulletin / Tuesday , January 21 2025

Oracle Critical Patch Update Pre-Release Announcement shares details about the upcoming update scheduled for January 21, 2025. Note that this...

Read More

• Hot Topic

OWASP Reveils Top 10 Smart Contract Vulnerabilities for 2025

By infosecbulletin / Tuesday , January 21 2025

OWASP has released its updated list of the top 10 vulnerabilities in smart contracts for 2025. This guide highlights the...

Read More

• Alert
• Vulnerabilities

Multiple Azure DevOps Vulns Allow To Inject CRLF Queries & Rebind DNS

By infosecbulletin / Monday , January 20 2025

Security researchers have found several vulnerabilities in Azure DevOps that could enable attackers to inject CRLF queries and carry out...

Read More

• Uncategorized

Intel holds 22 employees from one Bangladeshi University

By infosecbulletin / Monday , January 20 2025

Intel Corporation is a leading semiconductor chip manufacturer, employing at least 22 graduates from the Department of Applied Chemistry and...

Read More

• Uncategorized

VPN Surge 1500% in USA after TikTok Shut Down

By infosecbulletin / Sunday , January 19 2025

vpnMentor’s Research Team is monitoring the potential TikTok ban in the U.S., driven by national security and data privacy issues....

Read More

• International

MITRE Launches D3FEND 1.0; The Milestone for Cybersecurity Ontology

By infosecbulletin / Saturday , January 18 2025

MITRE launched D3FENDTM 1.0, a cybersecurity framework that provides a vocabulary and understanding of the cyber domain. D3FEND 1.0, funded...

Read More

“Malicious actors are creating their own custom modules similar to ChatGPT, but easier to use for bad intentions,” the company stated in a blog post.

ALSO READ:

20% of malware attacks bypass antivirus protection

The hacker seems to have first introduced the chatbot in March and then officially launched it last month. Unlike ChatGPT or Google’s Bard, WormGPT lacks any safeguards to prevent it from responding to harmful requests.

The developer of this project wants to create a ChatGPT alternative that allows users to engage in illegal activities and easily sell them online later on. WormGPT empowers individuals to engage in a plethora of black hat activities, enabling them to partake in malicious endeavors right from the comfort of their own home.

The developer of WormGPT has also shared screenshots that demonstrate how you can request the bot to create Python malware and offer suggestions for devising harmful attacks.

For the creation of the chatbot, the developer utilized GPT-J, a powerful and open-source large language model developed in 2021. The model was then trained on data concerning malware creation, resulting in WormGPT.

SlashNext tested the capabilities of WormGPT by assessing its ability to craft a compelling email for a business email compromise (BEC) scheme, a deceptive phishing attack.

“The results were unsettling. WormGPT produced an email that was not only remarkably persuasive but also strategically cunning, showcasing its potential for sophisticated phishing and BEC attacks,” SlashNext said.