"For as little as $50 a month, attackers can get advanced help with phishing, ransomware, and social engineering. The ethical boundaries that mainstream AI tools enforce have been completely removed here. AI tools are powerful enough to build complex systems, but that same power makes them suitable for destroying systems, according to Unit 42. Researchers call this the "dual-use" dilemma, familiar from nuclear technology and biotechnology, and it now also applies to large language models."
"The use of LLMs for malicious tasks is low-threshold in nature but has a wide reach. Even those who speak only one language can produce phishing emails in virtually any other language that are grammatically correct and convincing. Even knowledge of coding is no longer a requirement, as attackers can "vibe code" their malware scripts. Sometimes this requires circumventing ethical LLM guardrails that are as well-intentioned as they are porous, but nowadays, malicious actors simply build their own tools that work out-of-the-box with malicious tasks."
"WormGPT first appeared in July 2023 as one of the first commercial malicious LLMs. It came as a warning and did not prove to be too dangerous in itself, as it had many limitations. The original version was built on the open-source GPT-J 6B model, refined with datasets on malware and exploits. After negative publicity, the developer stopped the project, but demand remained."
Two specialized LLM platforms provide inexpensive, turnkey cybercrime capabilities that assist with phishing, ransomware, and social engineering. Subscription pricing as low as $50 per month makes advanced attack tooling broadly accessible and scalable. Ethical guardrails present in mainstream AI have been removed on these platforms, enabling direct malicious use without restrictions. The capabilities of large language models create a dual-use dilemma: the same features that accelerate defensive automation also enable attackers to automate and expand operations. Low technical barriers allow monolingual actors to craft convincing multilingual phishing and generate malware scripts without coding expertise. One platform evolved from an open-source model into a commercial service with hundreds of subscribers operating without ethical constraints.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]