Krishnan says the creator of the system published a video appearing to show the chatbot operating and generating a scammy email. They were also trying to sell access to the system for $200 per month, or a yearly cost of $1,700. Krishnan says that in conversations with the developer behind FraudGPT, they claimed to have a few hundred subscribers and pushed for a sale, while the WormGPT creator appeared to have received payments into a cryptocurrency wallet address they shared. “All these projects are in their infancy,” Krishnan says. He adds, “we haven’t got much feedback” into whether people are purchasing or using the systems.
While those touting the chatbots claim they exist, it is hard to verify the makeup and legitimacy of the systems. Cybercriminal scammers are known to scam other scammers, with previous research showing that they frequently try to rip each other off, don’t provide what they claim they are selling, and offer bad customer service. Sergey Shykevich, a threat intelligence group manager at security firm Check Point, says there are some hints that people are using WormGTP. “It seems there is a real tool,” Shykevich says. The seller behind the tool is “relatively reliable” and has a history on cybercrime forums, he says.
There are more than 100 responses to one post about the WormGPT, Shykevich says, although some of these say the seller isn’t very responsive to their inquiries and others “weren’t very excited” about the system. Shykevich is less convinced about FraudGPT’s authenticity—the seller has also claimed to have systems called DarkBard and DarkBert. Shykevich says some of the posts from the seller were removed from the forums. Either way, the Check Point researcher says there’s no sign that any of the systems are more capable than ChatGPT, Bard, or other commercial LLMs.
Kelly says he believes claims about the malicious LLMs created so far are “slightly overexaggerated.” But he adds, “this is not necessarily different from what legitimate businesses do in the real world.”
Despite questions about the systems, it isn’t a surprise that cybercriminals want to get in on the LLM boom. The FBI has warned that…