A new AI chatbot has been released specifically for use by cybercriminals that has been developed to assist with malware development, phishing campaigns, and business email compromise attacks. The new chatbot is called GhostGPT, and follows the release of WormGPT, WolfGPT, and EscapeGPT which are also aimed at cybercriminals and lack the restrictions of ChatGPT and other publicly available chatbots which will not generate responses to queries related to criminality. GhostGPT is thought to connect to a jailbroken open-source large language model (LLM), ensuring queries are not subject to censorship. The tool is offered on Telegram and for a fee, the tool can be immediately used.
There is growing evidence that cybercriminals are using AI tools for malware development, phishing/spear phishing, and business email compromise and there is considerable interest in these tools in the cybercriminal community. These tools can open up new types of attacks to low-skilled cybercriminals, as well as help skilled cybercriminals conduct attacks at an accelerated rate and bypass security solutions. These tools can be used to write malware code with extensive capabilities, dramatically reducing the time required for malware development. Phishing emails can be crafted in multiple languages with perfect grammar and spelling. AI tools are being used to slash the time taken to research individuals for spear phishing and BEC attacks and can even generate emails likely to be of interest to recipients. A recent study demonstrated that humans are not good at identifying AI-generated phishing emails. The researchers found their AI-generated emails had a 54% click rate.
These tools allow rapid development of malware from scratch and cybercriminals can easily spin up multiple malware versions capable of defeating signature-based detection. Phishing and BEC emails can easily fool targeted individuals as they lack the common signs of malicious emails that employees are taught to look for and the level of personalization of emails can be increased with little effort, making it easy for cybercriminals to scale up their spear phishing and BEC campaigns.
Malicious use of LLMs is a genuine cause for concern. Businesses need to respond to these fast-evolving threats by improving their cybersecurity defenses. Since these attacks are predominantly conducted via email, robust email defenses are a must. To defeat AI-generated phishing emails, businesses need to ensure they incorporate AI in their defenses and email security solutions need more than signature-based detection to identify and block malware.
SpamTitan, TitanHQ’s spam filtering service, incorporates AI and machine learning algorithms to identify the malicious AI-generated emails that many spam filtering solutions fail to block. SpamTitan also includes a next-generation email sandbox, where emails are sent for extensive analysis to identify threats from their behavior rather than their signature. In the Q4, 2024, tests by VirusBulletin, the engine that powers SpamTitan and TitanHQ’s Microsoft 365 anti-phishing solution – PhishTitan – ranked first for overall score, outperforming all other leading email filtering solutions under test. TitanHQ achieved a 100% malware catch rate, 100% phishing catch rate, and 99.999% spam catch rate, with a 0.000% false positive rate.
The high percentage of individuals fooled by ai-generated phishing emails highlights the importance of conducting regular security awareness training. Employees must be kept aware of the latest threats and tactics used by cybercriminals, and training should be reinforced with phishing simulations. Phishing simulations have been proven to make training more effective and highlight the individuals who are failing to apply their training to the emails they receive on a daily basis. The SafeTitan security awareness training platform and phishing simulator make it easy to spin up training courses, keep employees up to date on the current threat landscape, and automate phishing simulations.
Speak with the TitanHQ team today to discuss your options for improving your defenses against phishing and malware. TItanHS’s solutions are available on a free trial and product demonstrations can be arranged on request.