A malicious version of ChatGPT designed to assist cybercriminals has ended up scamming crooks interested in buying access to the service.
In July, we wrote about WormGPT, a chatbot built from open-source code that promised to help hackers churn out phishing messages and malware in return for a monthly fee. The news set off concerns that generative AI could lower the bar for computer hacking, thus fueling cybercrime.
But in a bit of irony, it looks like the WormGPT brand has become more of a threat to hackers than to the public. Antivirus provider Kaspersky noticed several websites that claim to offer access to WormGPT, but seem designed to scam would-be customers into giving up their funds, without actually getting access to WormGPT.
The sites, which can be found on the open internet and through a Google search, have been dressed up with official-looking information about WormGPT. However, Kaspersky suspects the pages are really just phishing pages, designed to trick users in submitting their credit card information or forking over their cryptocurrency to access the malicious chatbot.
The websites are also likely fake because the creator of WormGPT apparently abandoned the project last month after his identity was exposed. According to security journalist Brian Krebs, WormGPT’s creator is a 23-year-old Portuguese programmer named Rafael Morais, who has since backtracked on marketing his chatbot for malicious purposes.
Following the report, the user account promoting WormGPT announced in a hacking forum that their team was bailing on the project. “With great sadness, I come to inform everyone about the end of the WormGPT project. From the beginning, we never thought we would gain this level of visibility, and our intention was never to create something of this magnitude,” the account wrote.
Weeks before the shutdown, the official WormGPT account on Telegram also warned about scammers impersonating the chatbot’s brand. “We don’t have any website and either any other groups in any platform,” the post said. “The rest are resellers or scammers!”
“Can’t believe how people still getting scammed in 2023,” the same account later added.
But even though WormGPT appears to have been shut down, the threat of cybercriminals tapping other malicious chatbots for help still persists. In July, a separate developer was spotted creating FraudGPT.
——————————————————–