The big break of Artificial Intelligence Technologies in this era has so far been at the forefront of innovations, easing our tasks from the most basic to the seemingly difficult ones
AI is a great tool especially in CyberSecurity as it helps automate a lot of tasks, but can also be used for malicious purposes such as Malware creation, Finding vulnerabilities and much more
We’ve all come across Chat-GPT, Bard, etc as the most common AIs, which have created a safe haven for the use of AI by having an ethical filter, but in a world of “perfection” with Artificial Intelligence lies a new threat – Malicious AI
In this article, we look at the menace behind the new wave of Cyber Attacks
So what is WormGPT exactly?
Worm-GPT was discovered by researchers at SlashNext on an online Black Hat forum which was popularized by a group called ELEUTHER-AI
Think of Worm-GPT as Chat-GPT without ethical filters. The similarity to Chat-GPT is that it is based on the GPT-J model created in 2021 but without any ethical limitations.
Worm GPT is more sophisticated to be a Black Hat Hacker alternative of Chat-GPT helping Cybercriminals
For anything related to Black Hats, Worm-GPT is the solution
Effects and Dangers of Worm-GPT :
1. Phishing attacks:
Phishing is the most common Cyber Attack according to CyberSecurity statistics.
Worm-GPT generates realistic texts to be used for phishing campaigns, making the attack more effective with an additional feature of adding videos to make it look appealing
The Malicious AI has mainly focused its phishing campaigns on Business Email Compromise(BEC) Attacks
Business Email Compromise attacks use social engineering intended to trick a person or an organization into giving up data or making a payment
2. Malware attacks
It can create all sorts of malware on prompt and spread it causing serious damage.
Here are a few malware statistics you should know:
-The annual number of malware attacks worldwide is 5.5 Billion from Statista
-75% of all devices that are infected with malware in some form are routers via worth insurance
-47% of all free Android antivirus programs available to download were unable to detect any form of malware via worth insurance
-The first piece ransomware virus to be created was called AIDS 😝
3.Worm-GPT can advise an attacker on illegal activities
4.Worm-GPT makes the job of Cyber Attacks easier as it makes detection and prevention very hard
Attributes of Worm-GPT
-Distinct from Chat-GPT, Worm-GPT stores chat history, does code formatting, and has limitless character support
Where to Find and Use Worm-GPT
Unfortunately, Worm-GPT is not available publicly and is only found on the dark web.
You have to pay a fee to access the generative AI.
The creators also offer trials on the AI before paying the access fee
Risks of Using Worm-GPT
-The use of Worm-GPT can cause damage to systems
-Use of the AI can result in imprisonment or large fines
How to Defend Against AI-driven Cyberattacks
The hardest pill to swallow is that you cannot have full protection against Cyber Attacks, but you can put necessary measures to constantly detect and defend against Cybercriminals
Here is how you can safeguard against AI-driven Cyber Attacks
1. Staff Training
-The Human factor is one of the leading causes of most Cyber Attacks
Human factor issue is not only limited to end users but to the creators of the system
Thorough training should be done especially on phishing to point out BEC attempts
Daniel Kelley also provided a measure to help against BEC attacks:
Enhanced Email Verification Measures: To fortify against AI-driven BEC attacks, organizations should enforce stringent email verification processes. These include implementing systems that automatically alert when emails originating outside the organization impersonate internal executives or vendors, and using email systems that flag messages containing specific keywords linked to BEC attacks like “urgent”, “sensitive”, or “wire transfer”. Such measures ensure that potentially malicious emails are subjected to thorough examination before any action is taken.
Frequently asked questions:
How is it possible to revolutionize AI to perform such Cyber Attacks
1. The ethical filters can be manipulated by skilled developers through a method called “Jail-breaking”
2. An AI Model can be trained through various data sources to have such capabilities
Conclusion
As an ethical Hacker, I heavily discourage the use of Worm-GPT due to its repercussions.
Instead, let us embrace the use of ethical generative AI for a better Cyber Space
Thank you for reading, Sayonara
