FraudGPT: Rise of a New AI-Driven Malicious Chatbot

A new AI generative tool ‘’’FraudGPT’’ is being advertised across dark web marketplaces and Telegram channels since July 22, 2023.

The new malware discovered by security researchers at Netenrich is reportedly designed to help cybercriminals in their malicious activities. Although the specific large language model (LLM) used to develop the tool is currently unknown. It is cleverly designed to help attackers craft spear phishing emails and pages, write malicious codes, create undetectable malware, find vulnerable markets and websites, and offer tutorials on hacking.

‘’If you’re looking for a ChatGPT alternative designed to provide a wide range of exclusive tools, features and capabilities tailored to anyone’s individual needs with no boundaries then look no further,’’ advertised the attacker on Telegram.

The threat actor identified by the cybersecurity company was earlier seen as an established vendor on various dark web marketplaces, like EMPIRE, WHM, VERSUS, TORREZ, WORLD, and ALPHABAY. However, to avoid the problems associated with such marketplace exit scams, the vendor established his presence on Telegram to offer his uninterrupted services.

Netenrich investigation revealed that FraudGPT is being offered as a subscription service, starting from $200 a month, or $1,000 for six months, or $1,700 per year. The tool also boasts confirmed sales and reviews of more than 3,000.

According to security experts, release of AI generative tools like FraudGPT and WormGPT is a rising concern for governments and organizations across the world. These malicious alternatives to ChatGPT can be a powerful tool in the hands of expert criminals and tech novices looking to target individuals and organizations for espionage or financial gains.

To detect and combat such AI-enabled phishing, it is essential that organizations offer advanced security awareness as well as phishing behavior change training across various departments.

‘’Implementing a defense-in-depth strategy with all the security telemetry available for fast analytics has become all the more essential to finding these fast-moving threats before a phishing email can turn into ransomware or data exfiltration,’’ noted the advisory.