New AI Tool ‘FraudGPT’ Emerges for Sophisticated Attacks
Following the footsteps of WormGPT, threat actors are advertising yet another cybercrime generative artificial intelligence (AI) tool dubbed FraudGPT on various dark web marketplaces and Telegram channels.
“This is an AI bot, exclusively targeted for offensive purposes, such as crafting spear phishing emails, creating cracking tools, carding, etc.,” Netenrich security researcher Rakesh Krishnan said in a report published Tuesday.
The cybersecurity firm said the offering has been circulating since at least July 22, 2023, for a subscription cost of $200 a month (or $1,000 for six months and $1,700 for a year).
“If your [sic] looking for a Chat GPT alternative designed to provide a wide range of exclusive tools, features, and capabilities tailored to anyone’s individuals with no boundaries then look no further!,” claims the actor, who goes by the online alias CanadianKingpin.
The author also states that the tool could be used to write malicious code, create undetectable malware, find leaks and vulnerabilities, and that there have been more than 3,000 confirmed sales and reviews. The exact large language model (LLM) used to develop the system is currently not known.
- Remote Access Trojan (RAT): Their Types, Mitigation & RemovalRemote Access Trojan (RAT): Their Types, Mitigation & Removal Post Source Material: Sucuri Remote Access Trojans… Read more: Remote Access Trojan (RAT): Their Types, Mitigation & Removal
- Chinese Hackers Exploited Barracuda’s ESG AppliancesChinese Hackers Exploited Barracuda’s ESG Appliances Barracuda has revealed that Chinese threat actors exploited a new… Read more: Chinese Hackers Exploited Barracuda’s ESG Appliances
- China-Linked Budworm Targeting Middle Eastern Telco & Asian Government AgenciesChina-Linked Budworm Targeting Middle Eastern Telco & Asian Government Agencies In the ever-evolving landscape of cyber… Read more: China-Linked Budworm Targeting Middle Eastern Telco & Asian Government Agencies
- Most Important Cyber Security Tips 2023Most Important Cyber Security Tips 2023 Important Cyber Security Security has become a necessity in today’s… Read more: Most Important Cyber Security Tips 2023
- Every Business Owner 10 Essential Cybersecurity Facts Must KnowEvery Business Owner 10 Essential Cybersecurity Facts Must Know In today’s hyper-connected digital landscape, cybersecurity is… Read more: Every Business Owner 10 Essential Cybersecurity Facts Must Know
Such tools, besides taking the phishing-as-a-service (PhaaS) model to the next level, could act as a launchpad for novice actors looking to mount convincing phishing and business email compromise (BEC) attacks at scale, leading to the theft of sensitive information and unauthorized wire payments.
“While organizations can create ChatGPT (and other tools) with ethical safeguards, it isn’t a difficult feat to reimplement the same technology without those safeguards,” Krishnan noted.
“Implementing a defense-in-depth strategy with all the security telemetry available for fast analytics has become all the more essential to finding these fast-moving threats before a phishing email can turn into ransomware or data exfiltration.”
Found this article interesting then share in your circle.