The bot offers rapid processing speeds, particularly useful for time-sensitive attacks like ransomware campaigns. It operates through the encrypted messaging app Telegram, eliminating the need for downloading suspicious software and preserving user anonymity. GhostGPT is explicitly marketed for creating malicious code, exploits, and phishing campaigns, including convincing email templates for scams.
To test its capabilities, researchers asked GhostGPT to create a phishing email from DocuSign, and it generated a highly convincing template, complete with placeholders for fake support numbers. Despite this, human-written phishing emails are still slightly more effective, achieving a 3% higher click rate. However, GhostGPT’s speed and accessibility make it a powerful tool for even low-skilled attackers.
The rise of jailbroken GPT models like GhostGPT, FraudGPT, and DarkBard reflects a broader trend in cybercrime. Reports indicate that two-fifths of business email compromise attacks in 2024 were AI-generated, and malicious AI tools are increasingly used to exploit vulnerabilities and launch sophisticated attacks.
Experts warn that as AI technology evolves, attackers may develop fully automated AI agents capable of executing complex cybercriminal operations. This underscores the urgent need for heightened vigilance and advanced defenses in the cybersecurity landscape.
Source: TechRepublic
The European Cyber Intelligence Foundation is a nonprofit think tank specializing in intelligence and cybersecurity, offering consultancy services to government entities. To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net, or you can try yourself using check.website.