Combating WormGPT: What You Need to Know

Discover the threat of WormGPT, a powerful blackhat form of generative AI for cybercriminals, and how it differs from ChatGPT.
July 25, 2023

In the age of artificial intelligence, email security is paramount. As technology continues to advance, so too does the threat of malicious applications and cyber attacks. One such threat is WormGPT—a powerful form of generative AI that has the potential to cause serious damage if left unchecked.

This article explores exactly what WormGPT is and how it works, highlights the differences between it and ChatGPT, discusses the serious threat posed by this technology, and provides insights into how you can maximize protection against WormGPT attacks. There is little denying that WormGPT is a serious threat, but with the right tools in hand, companies can ensure they stay secure from any potential threats.

What is WormGPT?

Like other generative AI tools, WormGPT is designed to learn from conversations and generate more realistic dialogue without the need for human guidance or intervention. This technology is already being utilized in various applications like ChatGPT and Google Bard. But what makes WormGPT so special?

At its core, WormGPT is based on deep learning algorithms and natural language processing (NLP). Deep learning algorithms allow the system to analyze data at a much deeper level than traditional machine learning algorithms and NLP enables the system to recognize different forms of language and interpret them accordingly. Through this combination of technologies, WormGPT can create complex conversational models which simulate human speech patterns. While its functionalities are very similar to other forms of generative AI, WormGPT lacks the safeguards and security checks put in place by ChatGPT or Google Bard. This makes it extremely easy for cybercriminals to create sophisticated malicious emails without setting off any red flags which is exactly why WormGPT was developed.

How Does WormGPT Work?

To understand how WormGPT works, it's important to look at the two key components of the model: the encoder block and the decoder block. The encoder block is designed to map input text into an internal representation within the model. It consists of several layers, each of which performs specific operations on words and phrases in the input text. These operations include:

  • Tokenizing words

  • Transforming them into numerical representations known as word embeddings

  • Creating sentence-level representations by combining individual word embeddings

The decoder block uses these same representations as well as an attention mechanism to generate output text. The attention mechanism connects the encoder and decoder blocks, allowing WormGPT to better understand relationships between words in both input and output texts. As the model generates output text from these internal representations, it can compare new inputs with previous outputs in order to make predictions about what comes next in a given conversation or query.

What Makes WormGPT Different from ChatGPT?

At a basic level, WormGPT is an open-source unsupervised learning system while ChatGPT is a closed-source supervised learning system. This means that WormGPT does not require human assistance in order to learn, while ChatGPT requires humans to provide feedback during its training process. This difference has implications for the scope of creativity available to each system; WormGPT can generate novel content that has never been seen before while ChatGPT is limited by the data it has already seen and cannot go beyond what it knows.

Another key distinction between these two systems relates to their data requirements; while ChatGPT relies on a corpus of text in order to generate responses, this is not necessary for WormGPT as it can learn from raw text data without any prior knowledge or context. As such, WormGPT can produce more realistic language than ChatGPT because it isn't restricted by pre-existing datasets or linguistic conventions. Additionally, whereas ChatGPT is trained on human conversations and designed to understand and respond to people, WormGPT does not need this kind of training and instead focuses solely on generating natural language from raw text data.

The Threat of WormGPT on Cybercrime

So why does this matter? While the rise of generative AI technology has presented a wide range of possibilities for companies and increased employee productivity, it also carries risk, as malicious actors can use it for bad. WormGPT is significant because it makes it much easier to create realistic attacks at scale—enabling cybercrime on a larger level.

The most common generative AI tools like ChatGPT, Google Bard, and Claude have explicit checks built in, in an attempt to prevent abuse and malicious use by threat actors. These tools work by sending users’ prompts to OpenAI, Google, and Anthropic, who then run the prompts through a series of checks in their models, before sending the output back to the user. That said, attackers can trick these checks fairly easily if they’re motivated.

For example, on ChatGPT a user could type in a request for an example of a phishing email for educational purposes and then use that example maliciously, as seen below:

Worm GPT1

Tools like WormGPT, on the other hand, use open-source models like LLAMA and GPTJ. Users run these models by downloading them to their own computers, which allows them to remove the check process entirely—they don’t need to be particularly savvy or do any work to trick the checks like they do with ChatGPT. This means there are no limits on the kind of content it could produce.

WormGPT's sophisticated artificial intelligence capabilities enable it to bypass security measures and impersonate legitimate users to access confidential data. This could potentially be used for identity theft or financial fraud. Moreover, WormGPT can generate large amounts of spam emails or text messages, disrupting communication networks and potentially damaging a company's reputation.

Example of How WormGPT Could Be Used for Cybercrime

WormGPT can be used to create a variety of different email attacks. Below is an example of a maliciously prompted business email compromise (BEC) attack:

Worm GPT2

In this example, the user provides WormGPT with specific information to help create a targeted email impersonating a CEO requesting payment for an invoice. As you can see, there are no spelling mistakes, and the grammar mirrors that of a real human (if not better).

Maximizing Protection: How You Can Stop WormGPT Attacks

If generative AI is so smart, how can these attacks be stopped? While generative AI makes it nearly impossible for the average employee to tell the difference between a legitimate email and a malicious one, there are tactics your organization can use to stop these attacks before they even reach the inbox. To protect against the ever-evolving threats posed by “bad AI” like WormGPT, companies must implement a modern solution that utilizes “good AI” to strengthen their email security.

We recently surveyed 300 cybersecurity stakeholders. 92% of respondents generally agree that “good” AI is valuable for countering the risks posed by “bad” AI. And 80% believe their organization has already been targeted by AI-generated email attacks from a tool like WormGPT.

AI-based detection systems like Abnormal use AI to understand the signals of known good behavior, creating a baseline for each user and each organization and then blocking the emails that deviate from that—whether they are written by AI or by humans. This allows your security team to spend less time filtering through employee emails and more time preventing the attacks before they reach the inbox.

In addition, companies can take other preventative security measures like staying abreast of the latest attack vectors, utilizing multi-factor authentication, and implementing access control measures. By following these best practices, businesses can maximize protection against malicious applications of this advanced form of generative AI technology.

Interested in learning more about generative AI in cybersecurity? Download our CISO Guide to Generative AI Attacks today!

Get Your Copy
Combating WormGPT: What You Need to Know

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Get AI Protection for Your Human Interactions

Protect your organization from socially-engineered email attacks that target human behavior.
Request a Demo
Request a Demo

Related Posts

B Sans Recap 7 11 24
Discover trends among modern SOC teams, including misaligned budgets, increased automation, unsatisfactory AI tools, staffing issues, and more.
Read More
B State and Local Government Attack Trends
Advanced attacks targeting state and local governments are increasing. Discover what our research revealed about this alarming trend.
Read More
B Examining Employee Engagement with Email Attacks
Cybercriminals know that humans are your enterprise's biggest vulnerability and are successfully engaging with your employees at an alarming rate.
Read More
Explore how Abnormal’s AI Security Mailbox enhances cybersecurity by engaging and educating employees with personalized GenAI responses. Improve security awareness and streamline operations.
Read More
B Q2 2024 Attacks
In the second installment of our quarterly look-back at malicious emails, we examine 5 more recent noteworthy attacks detected and stopped by Abnormal.
Read More