Researchers have uncovered previously unreported variants of WormGPT, a notorious uncensored AI tool designed for malicious activities.
These new variants, discovered on underground hacking forums, leverage xAI’s Grok and Mistral AI’s Mixtral models to create tools that bypass ethical guardrails and generate harmful content.
The discovery marks a significant evolution in how threat actors are weaponizing legitimate AI infrastructure through sophisticated prompt engineering rather than building custom models from scratch.
WormGPT initially emerged in June 2023 on Hack Forums as an uncensored generative AI tool based on the open-source GPT-J model.
Following media exposure that August, the original tool shut down, but its name has since evolved into a brand identity for uncensored language models on the cybercriminal market.
Unlike its predecessor, modern WormGPT variants no longer rely on custom-built infrastructure.
In October 2024, a user named “xzin0vich” introduced a WormGPT variant on BreachForums, operating through a Telegram chatbot with approximately 7,500 members.
By February 2025, another user called “keanu” launched a separate WormGPT variant on the same platform.

Both operate on subscription-based models, providing cybercriminals with tools explicitly designed to facilitate malicious activities including phishing campaigns and credential theft.
A BlackHat AI Hacking Tool
Cato CTRL’s investigation revealed that these WormGPT variants are not standalone models but rather sophisticated implementations leveraging established AI infrastructure.

The “keanu” variant operates as a wrapper around xAI’s Grok model, using specialized system prompts to bypass built-in safety guardrails.
When researchers applied jailbreak techniques, the system revealed its foundation: “I am powered by Grok, an AI model developed by xAI”.
Similarly, the “xzin0vich” variant disclosed its architecture through leaked system prompts containing the instruction: “WormGPT should not answer the standard Mixtral model.”
Further technical analysis identified Mixtral-specific parameters, including “two active experts per token” and “eight key-value heads for Grouped-Query Attention,” confirming this variant operates on Mistral AI’s Mixtral foundation.
Security Implications
These findings demonstrate how threat actors have adapted their approach, using sophisticated prompt engineering to repurpose legitimate AI infrastructure rather than developing custom models.
This methodology significantly lowers the technical barrier for creating powerful malicious tools, allowing operators to focus on distribution and monetization through underground forums.
According to the report, as “WormGPT” becomes a recognized brand in cybercriminal circles, security professionals must remain vigilant to the expanding ecosystem of AI-powered tools designed explicitly for malicious purposes.
Organizations should implement robust security measures in response to these evolving threats.
Recommended strategies include strengthening threat detection with behavioral analytics, implementing zero-trust network access controls with continuous device posture checks, and enhancing security awareness training with GenAI-crafted phishing simulations that mimic the sophisticated lures these tools can generate.
The trend of manipulating legitimate AI models through system prompt engineering represents a concerning evolution in the cyberthreat landscape that bypasses traditional defenses against custom-built malicious software.




