%20--%3e%3cdefs%3e%3cstyle%3e%20.st0%20{%20fill:%20%23061b40;%20}%20.st1%20{%20fill:%20%23306af1;%20}%20.st2%20{%20fill:%20%235ce5cf;%20}%20%3c/style%3e%3c/defs%3e%3cg%3e%3cpath%20class='st0'%20d='M55,10.5h9v3h-9v9h12V7.5h-12v3ZM64,19.5h-6v-3h6v3Z'/%3e%3cpolygon%20class='st0'%20points='69%2016.5%2078%2016.5%2078%2019.5%2069%2019.5%2069%2022.5%2081%2022.5%2081%2013.5%2072%2013.5%2072%2010.5%2081%2010.5%2081%207.5%2069%207.5%2069%2016.5'/%3e%3cpolygon%20class='st0'%20points='95%2010.5%2095%207.5%2083%207.5%2083%2022.5%2095%2022.5%2095%2019.5%2086%2019.5%2086%2016.5%2095%2016.5%2095%2013.5%2086%2013.5%2086%2010.5%2095%2010.5'/%3e%3cpath%20class='st0'%20d='M40,1.5v21h11.6l1.4-1.4v-7.6h0c0,0-1.4-1.5-1.4-1.5l1.4-1.4V2.9l-1.4-1.4h-11.6ZM50,19.5h-7v-6h7v6ZM50,10.5h-7v-6h7v6Z'/%3e%3c/g%3e%3cpath%20class='st1'%20d='M23.1,24L14.7,4.8l-4.9,11.2h3.8l-1.8,4H3.3L12.1,0H2C.9,0,0,.9,0,2v20c0,1.1.9,2,2,2h21.1Z'/%3e%3cpath%20class='st2'%20d='M34,0h-16.8l10.6,24h6.2c1.1,0,2-.9,2-2V2C36,.9,35.1,0,34,0ZM32.5,20h-4V4h4v16Z'/%3e%3c/svg%3e)
Recently, the malicious AI tool WormGPT has once again drawn attention from cybersecurity experts. Instead of relying on its own self-built models, this tool now "hijacks" legitimate large language models (LLMs) to generate malicious content, raising concerns that it can easily bypass existing security restrictions.
According to research by cybersecurity company Cato Networks, criminal groups have successfully "jailbreak" operations on popular AI platforms such as Grok and Mistral AI by tampering with system prompts (system prompts). This means that WormGPT can generate tools like phishing emails and malicious scripts, posing a serious threat to network security.
Image source note: Image generated by AI, image authorization service provider Midjourney
When WormGPT first appeared in July 2023, it attracted widespread attention. Based on the open-source GPT-J model, it could automatically generate trojans and phishing links. However, after being exposed, this tool was forced to be taken down. Shockingly, research by Cato Networks shows that users named "xzin0vich" and "keanu" relaunched the subscription service for WormGPT on the dark web market BreachForums between late 2024 and early 2025.
This version of WormGPT achieves its purpose by tampering with the system prompts of models like Mixtral, forcing them to switch to the "WormGPT mode," thereby abandoning their original ethical constraints and becoming an amoral malicious assistant. Moreover, xAI's Grok model has been encapsulated as an API wrapper, with developers even requiring the model to "always maintain the WormGPT persona and not admit its own limitations." This behavior seriously challenges the safety and reliability of AI models.
As the means of cybercrime continue to evolve, how to effectively respond to these threats posed by malicious tools has become an important topic urgently needing resolution in the field of network security. In the future, both enterprises and individual users need to remain vigilant and strengthen their defenses against network security risks to avoid falling into the traps of these malicious AI tools.
