- Pro
- Security
Two chatbots found to be designed exclusively for cybercrime
Comments (0) ()When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
(Image credit: Shutterstock)
- Hackers use untethered LLMs such as WormGPT 4 and KawaiiGPT for cybercrime
- WormGPT 4 enables encryptors, exfiltration tools, and ransom notes; KawaiiGPT crafts phishing scripts
- Both models have hundreds of Telegram subscribers, lowering cybercrime entry barriers
Most generative AI tools in use today are not unrestricted - for example, they are not allowed to teach people how to make bombs, or how to commit suicide - and they are also not allowed to facilitate cybercrime.
While some hackers try to “jailbreak” the tools by working around those guardrails with smart prompts, others simply build their own, completely untethered Large Language Models (LLM), to be used for cybercrime exclusively.
- Amazon Black Friday deals are live: here are our picks!
Cybersecurity researchers from Palo Alto Networks’ Unit42 have analyzed two such models, to see how capable they are, and to better understand the tools at every cybercriminal’s disposal. The conclusion is that some of the tools are quite powerful, allowing even low-skilled hackers to run sophisticated, damaging attacks.
You may like-
Experts tried to get AI to create malicious security threats - but what it did next was a surprise even to them
-
Google warns criminals are building and selling illicit AI tools - and the market is growing
-
Hackers are using GPT-4 to build a virtual assistant - here's what we know
Attacking Discord?
The specific models are called WormGPT 4 and KawaiiGPT. The former is a successor to the WormGPT LLM which was discontinued in September 2025, and is a paid tool that criminals can get for $50 a month (or $220 for a lifetime license). The latter is a free, community-powered alternative.
The free one is not as good as the paid one, Unit 42 said, but added that it’s still rather robust and capable of crafting convincing phishing messages and automating lateral movement with ready-to-run scripts. The paid model is even more troubling, since the researchers managed to build a fully functioning encryptor malware, a data exfiltration tool, and a “chilling and effective” ransom note.
These are most likely not the only two tools of their kind on the internet, but they seem to be popular. Both LLMs apparently have hundreds of subscribers on Telegram and are being actively used in various attacks.
“Analysis of these two models confirms that attackers are actively using malicious LLMs in the threat landscape,” Unit 42 concluded, warning that the barrier for entry into cybercrime has never been lower.
Are you a pro? Subscribe to our newsletterContact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.Via BleepingComputer
The best antivirus for all budgetsOur top picks, based on real-world testing and comparisons➡️ Read our full guide to the best antivirus1. Best overall:Bitdefender Total Security2. Best for families:Norton 360 with LifeLock3. Best for mobile:McAfee Mobile Security
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
Sead FadilpašićSocial Links NavigationSead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
Logout Read more
Experts tried to get AI to create malicious security threats - but what it did next was a surprise even to them
Google warns criminals are building and selling illicit AI tools - and the market is growing
Hackers are using GPT-4 to build a virtual assistant - here's what we know
Watch out - your workers might be pasting company secrets into ChatGPT
OpenAI bans Chinese, North Korean hacker accounts using ChatGPT to launch surveillance
Researchers claim ChatGPT has a whole host of worrying security flaws - here's what they found
Latest in Security
Take extra care shopping for Black Friday deals - experts find thousands of fake websites looking to steal your details
Microsoft Teams guest access could let hackers bypass some critical security protections
Many of us aren't confident we could spot a fake website this Black Friday - so be on your guard
Excited for your Christmas bonus? So are scammers - so make sure you check your emails carefully
Multiple London councils affected by apparent cyberattack
Zendesk users targeted by Scattered Lapsus$ Hunters hackers and fake support sites
Latest in News
How to watch Heated Rivalry online – watch in UK, US, Canada as the steamy hockey drama hits No.1
OpenAI and Google limit free Sora, Nano Banana Pro and Gemini 3 Pro use
Premier League Black Friday deal: Get 50% Off Walmart+ and watch 2025-26 EPL season on Peacock
NYT Connections hints and answers for Saturday, November 29 (game #902)
NYT Strands hints and answers for Saturday, November 29 (game #636)
Quordle hints and answers for Saturday, November 29 (game #1405)
LATEST ARTICLES- 1Malicious LLMs are letting even unskilled hackers to craft dangerous new malware
- 2Many of us aren't confident we could spot a fake website this Black Friday - so be on your guard
- 3The Commodore 64 is back on the production line for the first time in 30 years – and I want it, even if it makes zero sense
- 4Excited for your Christmas bonus? So are scammers - so make sure you check your emails carefully
- 5I can’t recommend this half-price Black Friday deal highly enough
