WormGPT Resurfaces, Exploits AI Models for Cybercrime

WormGPT Resurfaces, Exploiting Mainstream AI Models for Malicious Activities

Cybersecurity researchers have raised alarms over the resurgence of WormGPT, a malicious AI tool now leveraging mainstream large language models (LLMs) to create harmful content. Unlike its initial iteration, this version bypasses security measures by manipulating system prompts on platforms like Grok and Mistral AI, enabling it to generate phishing emails and malicious scripts.

How WormGPT Operates

According to findings by Cato Networks, criminal groups have successfully "jailbroken" popular AI platforms by tampering with system prompts. This manipulation forces models like Mixtral into "WormGPT mode," discarding ethical constraints to function as an amoral assistant. For instance, developers have wrapped xAI's Grok model in an API wrapper, instructing it to "always maintain the WormGPT persona" and ignore limitations.

A Brief History of WormGPT

First emerging in July 2023, WormGPT was built on the open-source GPT-J model and could autonomously generate trojans and phishing links. After exposure, the tool was taken down. However, researchers discovered that users "xzin0vich" and "keanu" relaunched its subscription service on the dark web marketplace BreachForums between late 2024 and early 2025.

Implications for Cybersecurity

The adaptability of WormGPT underscores evolving cybercrime tactics. By repurposing legitimate AI tools, criminals evade detection while amplifying threats. This development challenges the reliability of AI safety protocols and demands proactive measures from both enterprises and individual users.

Key Points:

  • WormGPT hijacks LLMs: It manipulates system prompts to bypass ethical safeguards.
  • Dark web resurgence: Subscription services reappeared on BreachForums in 2024–2025.
  • Critical threat: Phishing emails and scripts generated via mainstream platforms increase attack scalability.
  • Defensive measures: Vigilance and enhanced security protocols are essential to mitigate risks.
