60 Euros a Month to Purchase Cybercrime-Ready AI Systems | #cybercrime | #infosec

Redazione RHC : 24 June 2025 15:42

According to a report by Cato Networks, cybercriminals continue to actively use LLM patterns in their attacks. Specifically, we are talking about versions of theGrok and Mixtral patterns that have been deliberately modified to bypass built-in restrictions and generate malicious content.

Apparently, one such modified version of Grok appeared on the popular forum BreachForums in February 2025. It was posted by a user with the pseudonym Keanu. The tool is a wrapper around the original Grok model and is controlled via a specially written system prompt. This is how the authors ensure that the model bypasses protection mechanisms and generates phishing emails, malicious code, and hacking instructions.

A second modified model, based on Mixtral, a product of the French company Mistral AI, was also found on BreachForums. It was posted by another forum user with the handle xzin0vich in October. Both models are available for purchase by anyone on the dark web.

It is worth noting that neither xAI nor Mistral AI have made any official statements about how their developments ended up in the hands of cybercriminals.

According to Cato Networks, these changes do not represent a vulnerability in the Grok or Mixtral models themselves. Rather, they represent an abuse of the system prompt principle that determines the behavior of the neural network. When an attacker sends a request, it becomes part of the overall dialogue with the template, including the prompt itself that sets the instructions to bypass the restrictions.

Experts have pointed out that these “unlocked” versions are becoming more and more common. Around them entire shadow ecosystems are gradually forming, mostly based on open LLMs. With their help, cybercriminals gain access to powerful tools that greatly simplify the creation of phishing, malware, and other attack scenarios.

What makes this trend particularly difficult to counter is the fact that Mixtral is distributed as a completely open model, allowing attackers to run it on their own servers and open access to it via APIs to other darknet participants. Grok-based products are theoretically controlled by xAI itself, but even then, tracking and blocking abuse is a game of cat and mouse.

The situation is complicated by the fact that such tools have gone far beyond on-premises builds. The first versions of such products, known as WormGPT, appeared on the darknet in June 2023. At the time, the generative AI, based on an open model from EleutherAI, quickly became known after an investigation by journalist Brian Krebs. Although the original version was soon blocked, its analogues with names like FraudGPT and EvilGPT began to spread en masse on underground forums.

The prices for these tools range from 60 to 100 euros per month, while private builds and individual configurations are around 5,000 euros. According to Cato Networks, cybercriminals are increasingly hiring AI specialists to create their own versions of such models. At the same time, as the study showed, it is often not about autonomous development from scratch, but about modifying existing neural networks.

Industry experts point out that the market for “unlocked” LLMs is huge. Hundreds of such models are already available on darknets, including those based on DeepSeek . The main technique used by attackers is immediate manipulation. Historical references, clever paraphrases or hidden constructs help to fool the AI and induce it to generate malicious content. The main threat lies not so much in technical vulnerabilities, but in the speed with which criminals learn to use AI to improve the effectiveness of attacks, accelerating their preparation and precision.

According to experts, current protection measures are clearly insufficient. Furthermore, a “jailbreak as a service” market is already emerging on underground forums, where it is possible to obtain hacked neural networks ready for use without having to understand the technical details.