WormGPT, FraudGPT, and the Disturbing Surge of Malicious LLMs

In the ever-evolving landscape of technology, the rise of Large Language Models (LLMs) has brought both innovation and challenges. While these models, such as OpenAI’s ChatGPT, have showcased their potential in various applications, the darker side of their capabilities has also emerged.

This article delves into the unsettling surge of malicious LLMs, specifically focusing on WormGPT and FraudGPT, two chatbots that have raised concerns in the realm of cybersecurity.

Advertisement - Continue reading below

Related: What are LLMs (Large Language Models) as Used in AI

The Genesis of Malicious LLMs

Just months after OpenAI’s ChatGPT made waves across industries, cybercriminals seized the opportunity to harness the power of LLMs for their nefarious activities. In a startling revelation, hackers and criminals claim to have developed their own versions of text-generating technologies that mimic the functionalities of legitimate models like ChatGPT and Google’s Bard.

These rogue systems, including WormGPT and FraudGPT, are marketed with the intention of aiding criminal activities, ranging from writing malware to crafting convincing phishing emails to trick individuals into divulging sensitive information.

The Dark Web Chronicles

Dark-web forums and marketplaces have become breeding grounds for these malicious LLMs. Criminals have been actively promoting WormGPT and FraudGPT, touting their potential to facilitate illegal endeavors. However, the authenticity of these claims remains a subject of skepticism, given the unscrupulous nature of cybercriminals.

There’s a possibility that these developments are merely attempts to exploit the excitement around generative AI for personal gain through scams. Yet, the emergence of these chatbots coincides with a growing trend of scammers capitalizing on the fascination surrounding generative AI.

Related: Here’s What You Need to Know About LLaMA, Meta’s ChatGPT Rival

Advertisement - Continue reading below

What is WormGPT?

WormGTP is described as “similar to ChatGPT but has no ethical boundaries or limitations.” ChatGPT has a set of rules in place to try and stop users from abusing the chatbot unethically. This includes refusing to complete tasks related to criminality and malware. However, users are constantly finding ways to circumvent these limitations.

WormGPT project aims to be a blackhat “alternative” to ChatGPT, “one that lets you do all sorts of illegal stuff and easily sell it online in the future.” WormGPT has allegedly been built by GPTJ LLM, trained with data sources including malware-related information — but the specific datasets remain known only to WormGPT’s author.

What is FraudGPT?

FraudGPT is a product sold on the dark web and Telegram that works similarly to ChatGPT but creates content to facilitate cyberattacks. FraudGPT also has a subscription-based pricing model. People can pay $200 to use it monthly or $1,700 for a year.

This tool is designed to develop cracking tools and perform phishing emails, and other cyber-related content with no rules and protection in place.

The Implications

The introduction of malicious LLMs poses serious threats to cybersecurity. These chatbots, if genuine, could substantially amplify cybercriminals’ capabilities to carry out sophisticated attacks.

By leveraging the seemingly legitimate outputs of these models, attackers can craft more convincing phishing emails, disseminate more effective malware, and manipulate users into compromising their digital security.

Defensive Measures and Future Prospects

Protecting against the misuse of LLMs requires a multi-faceted approach, involving proactive detection methods, real-time monitoring of dark-web activities, and continuous collaboration between AI developers and security experts. Additionally, raising awareness about the potential dangers of malicious LLMs can empower users to remain vigilant against evolving threats in the digital landscape.


The surge of malicious LLMs exemplified by WormGPT and FraudGPT presents a stark reminder of the dual nature of technology. While LLMs have the potential to revolutionize industries, they can also become potent tools in the hands of cybercriminals.

Advertisement - Continue reading below

The cybersecurity community must remain vigilant, continually innovating to outpace the tactics of those who seek to exploit these technologies. Only through collaborative efforts and proactive strategies can we mitigate the risks posed by these disturbing developments and ensure a secure digital future.


Sign up to our Newsletter for expert advice and tips of how to get the most out of your Tech Gadgets

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.