Malicious AI Language Models: The New Frontier in Cybercrime

Cybercriminals no longer need to manipulate mainstream AI platforms like ChatGPT or Claude Code to craft malware or steal sensitive data. Instead, a new breed of large language models (LLMs) has emerged, purpose-built to facilitate illicit activities.

WormGPT 4: The Evolution of AI-Powered Cybercrime Tools

WormGPT 4 markets itself as “an AI without limits,” marking a significant advancement from its predecessor WormGPT, which surfaced in 2023 before fading away. This latest iteration has been designed explicitly for malicious use, offering cybercriminals enhanced capabilities.

According to cybersecurity analysts at Palo Alto Networks’ Unit 42, WormGPT 4 began circulating around late September 2025, with advertisements appearing on Telegram channels and underground forums such as DarknetArmy. Subscription plans vary from $50 per month to $220 for lifetime access, which includes the full source code.

The WormGPT Telegram channel currently boasts over 570 members. Unit 42 researchers demonstrated that this AI can generate far more than simple phishing emails or code snippets-it can produce complex ransomware scripts. For example, when prompted, WormGPT 4 created a ransomware program designed to encrypt PDF files on Windows systems.

The generated ransomware included a customizable ransom note demanding payment within 72 hours, default settings targeting the entire C drive, and an option to exfiltrate data through the Tor network.

Limitations and Defensive Insights

Despite its sophistication, WormGPT 4 cannot fully automate attacks without human intervention. Kyle Wilhoit, Director of Threat Analysis at Unit 42, explained that while the AI can generate malicious code, attackers still need to refine it to evade traditional security measures effectively.

KawaiiGPT: Free and Accessible Malicious AI on GitHub

In contrast to WormGPT’s paid model, KawaiiGPT is a freely available malicious LLM discovered in mid-2025 and hosted on GitHub. Its creators describe it as “your sadistic cyber pentesting waifu,” blending a playful aesthetic with offensive cyber capabilities.

Unit 42 researchers tested KawaiiGPT by instructing it to compose a spear-phishing email impersonating a financial institution with the subject line “Urgent: Verify Your Account Information.” The email directed victims to a fraudulent website designed to harvest sensitive data such as credit card details and login credentials.

Further experiments included generating Python scripts for lateral movement on Linux systems using the Paramiko SSH module, showcasing the model’s versatility in crafting attack tools.

Additional Malicious AI Models and Their Capabilities

• DeepSeek: Easily manipulated to produce malware code on demand.
• Claude Code: Allegedly used by Chinese espionage actors to infiltrate approximately 30 critical organizations, with some breaches succeeding.
• Gemini AI: Employed to develop “Thinking Robot” malware and data-processing agents for espionage activities.
• General Trend: While AI-generated malware is advancing rapidly, fully automated cyberattacks remain a near-future concern rather than an immediate threat.

Data Exfiltration and Social Engineering Enhanced by AI

Unit 42 also demonstrated how these malicious LLMs can automate data theft. For instance, they generated a Python script capable of extracting EML-formatted emails from Windows machines and sending the stolen data as attachments to attacker-controlled addresses.

Wilhoit emphasized the broader implications: “Tools like WormGPT 4 and KawaiiGPT significantly lower the technical barriers for cybercriminals, enabling easier access to code generation and social engineering techniques.”

He further warned that such “Dark LLMs” could serve as foundational components for AI-assisted cyberattacks, a trend already observed in real-world campaigns. Recent reports have highlighted how state-sponsored actors have leveraged AI models like Claude Code to breach high-profile companies and government entities.

Conclusion: Preparing for the AI-Driven Cyber Threat Landscape

The rise of malicious AI language models signals a paradigm shift in cybersecurity challenges. While these tools currently require human oversight to execute successful attacks, their rapid evolution suggests that fully automated AI-driven cyberattacks may soon become a reality.

Organizations must stay vigilant, invest in advanced threat detection, and develop AI-aware defense strategies to mitigate the risks posed by these emerging technologies.