I was cruising through the darknet this morning, as one does, and found. link to FraudGPT’s onion address using FreshOnions. Of course, this branded version (FraudGPT) version of the LLM is not new, reports of this were floating around in August last year, but, this is new to me on the darknet. So, what does this mean? Well, let me first start off that this may in fact be just an exit scam, or, it could have legit connections on the backend to a real LLM created for fraud. Being that it is on the darknet and they want payment, I kinda lean toward it being some kind of scam, as so many sites are in the darknet.

That said though, the reports of this LLM in other places are legit enough, and the capabilities of even just ChatGPT4 itself, not specifically trained to perform these illicit functions, can in fact be tricked by prompts into doing all these things due to the nature of how LLM’s are trained by scraping the totality of the internet to do what they do. So, all these kinds of activities are already in the training data sets already, it’s just a matter of prizing them out of the system and using them.

Anywhoodles, I generated some threat intel data on the notion if not reality of FraudGPT for you all here.

Overview

• Nature: FraudGPT is an AI-powered chatbot designed for offensive cyber activities.
• Discovery: Uncovered by cybersecurity researchers at Netenrich.
• Availability: Sold on Dark Web markets and Telegram.
• Subscription Cost: Ranges from $200 per month to $1,700 per year.

Capabilities

• Phishing and Spear Phishing: It can craft SMS phishing messages and emails, impersonating banks and other entities to lure victims.
• Malware Creation: Capable of writing malicious code and creating undetectable malware.
• Credit Card Fraud: Offers information for easier credit card theft and supply of Visa bank IDs.
• Other Malicious Activities: Includes creating phishing pages, hacking tools, scam pages/letters, finding leaks and vulnerabilities, etc.

Threat Level

• Advanced AI: Stands apart from other models due to its superior ability to detect context-dependent information and generate data from incomplete input.
• User Intent Understanding: Sophisticated algorithms allow it to understand user intent, making it difficult to distinguish between real and fake content.
• Versatility: Can be used for a variety of malicious purposes including crafting reviews, news articles, and other texts for online scams or public opinion manipulation.

Impact on Cybersecurity

• Widespread Potential: With its ease of use, it could rapidly spread among malicious actors targeting vulnerable sectors like education, healthcare, government, and industry.
• Rising Threats: Represents a new age of AI-powered weaponry in cybercrime.
• Business Risk: Businesses are at risk of falling victim to FraudGPT attacks and must invest in up-to-date security systems with real-time threat detection capabilities.

Protection Strategies

• Defense-in-Depth Strategy: Essential to mitigate threats from tools like FraudGPT.
• AI Security Systems: Modern solutions that can protect against malicious AI threats, capable of detecting and defending against content created by FraudGPT.
• Awareness and Vigilance: Organizations must stay informed and vigilant about emerging AI-driven cyber threats.

FraudGPT’s emergence might mark a significant shift in the threat landscape, where generative AI is exploited for malicious purposes. Its capabilities in phishing, malware creation, and other fraudulent activities make it a formidable tool in the hands of cybercriminals. The cybersecurity community must adapt and enhance defensive measures to combat these evolving AI-driven threats​​​​​​….

Now, consider this, what if they also created modules for this that included things like a plugin for SET and added voice synth to this as well? A soup to nuts automated tool to SE your targets and you, don’t even have to get on the phone!

Oooh, then think of this, with all these layoffs in the area of call centers, we will have the Evil AI going head to head with the corporate AI! On the phone, talking to each other….

Open the pod bay doors HAL…..

Oh yeah, here is a threat intelligence report for you all, should you want to use it for your own purposes, generated by ChatGPT and my trained AI Analyst ICEBREAKER