Security researchers at Cato Networks recently identified new variants of WormGPT, a tool originally developed as an uncensored large language model (LLM) for cybercriminal activities. The new versions, named keanu-WormGPT and xzin0vich-WormGPT, were discovered on underground forums such as BreachForums and are accessed via Telegram chatbots on a subscription basis.
Key Details of the New WormGPT Variants
keanu-WormGPT
• Posted: February 25, 2025, by a user named “keanu.”
• Powered by: xAI’s Grok, an AI model developed by Elon Musk’s company.
• Operation: Uses jailbreak techniques to manipulate system prompts, instructing Grok to ignore its ethical guardrails. This allows the model to generate harmful content such as phishing emails and credential-stealing scripts.
xzin0vich-WormGPT
• Posted: October 26, 2024, by a user called “xzin0vich.”
• Powered by: Mistral AI’s Mixtral, another advanced commercial LLM.
• Operation: Similar to keanu-WormGPT, it uses system prompt manipulation to bypass ethical restrictions, enabling it to respond to unethical or illegal prompts. Technical clues in the prompts confirmed the Mixtral-based backend.
How These Variants Are Used
These WormGPT variants are not bespoke models built from scratch. Instead, threat actors adapt existing, powerful commercial LLMs (Grok and Mixtral) by altering system prompts and potentially fine-tuning them with illicit data. This enables the models to assist in crafting phishing lures, writing malicious code, and evading the safeguards of legitimate AI platforms.
WormGPT has evolved from its original GPT-J-based version (shut down in 2023) into a brand name for a new class of uncensored LLMs used in cybercrime. The emergence of these variants highlights how cybercriminals are leveraging cutting-edge AI technologies for malicious purposes, despite ongoing efforts by legitimate platforms to enforce ethical boundaries. Similar tools such as FraudGPT, DarkGPT, and EvilGPT have also appeared in the underground market.