Introducing FraudGPT: The Latest AI Cybercrime Tool in the Dark Web

Diving into details

• The threat actor, who operates under the online alias CanadianKingpin, is promoting themselves as a verified vendor on several underground dark web marketplaces, including EMPIRE, WHM, TORREZ, WORLD, ALPHABAY, and VERSUS. 
• They have been advertising their offering since at least July 22 with a subscription cost of $200 per month, $1,000 for six months, and $1,700 for a year.
• According to the claims made by the author, FraudGPT can be used to write malicious code, develop undetectable malware, and identify leaks and vulnerabilities. 
• Furthermore, there have been over 3,000 confirmed sales and reviews of this tool. As of now, the specific Large Language Model (LLM) utilized in the development of this system remains undisclosed.

Similar to WormGPT

• WormGPT is another AI tool, designed to facilitate sophisticated phishing and BEC attacks. 
• It automates the creation of highly convincing fake emails, expertly tailored to individual recipients, significantly increasing the likelihood of a successful attack. 
• It, furthermore, possesses extensive character support, retains chat memory, and has the ability to format code.

Why this matters

• The existence of WormGPT and FraudGPT raises concerns, especially since AI models such as OpenAI ChatGPT and Google Bard have been taking measures to prevent their misuse in deceptive emails and malicious code. 
• The use of generative AI in these attacks broadens their accessibility to a wider range of cybercriminals.
• These tools not only elevate the Phishing-as-a-Service (PhaaS) model but also serve as a platform for inexperienced individuals seeking to carry out large-scale and persuasive phishing and BEC attacks.

The bottom line