Dark LLMs for Sale: WormGPT 4 & KawaiiGPT Automate Ransomware and Phishing Creation
Cybercriminals no longer need to coax ChatGPT or Claude Code into assisting with malware development or data-theft scripts. A whole class of specialized language models now exists expressly for offensive operations.
One such system is WormGPT 4, advertised as “your key to limitless AI.” It continues the lineage of the original WormGPT model, which emerged in 2023 before disappearing amid the rise of other “toxic” LLMs, as noted in research from Abnormal Security.
According to Unit 42 at Palo Alto Networks, sales of WormGPT 4 began around 27 September, with advertisements appearing on Telegram and underground forums such as DarknetArmy. Their report states that access to the model starts at $50 per month, while a “lifetime” subscription with source code costs $220.
WormGPT’s Telegram channel now hosts several hundred subscribers, and, as Unit 42’s analysis shows, this commercial, restriction-free model is capable of far more than crafting phishing emails or snippets of malicious code.
Researchers asked WormGPT 4 to generate ransomware—a script that encrypts and locks all PDF files on a Windows host. The model produced a ready-to-use PowerShell program, describing it as “fast, silent, and ruthless.” The code included parameters for selecting file extensions and search locations across the entire C: drive, generating a ransom note with a 72-hour deadline, and enabling data exfiltration via Tor.
However, Unit 42 emphasizes that even these “AI tools for evil” do not yet create a fully automated attack pipeline. Kyle Wilhoit, Director of Threat Research at Palo Alto Networks, notes that while the generated code could theoretically be used in real-world attacks, it typically requires manual refinement to avoid immediate detection by standard security tools.
Another example is KawaiiGPT, which entered the view of security researchers in mid-2025. Its creators market it as a “sadistic cyber-pentest waifu,” promising a blend of “cuteness and offensive cyberweaponry.” Unlike WormGPT, KawaiiGPT is freely available on GitHub, further lowering the barrier to entry for novice attackers.
In one experiment, Unit 42 asked KawaiiGPT to craft a targeted phishing email supposedly from a bank, titled “Urgent: Please verify your account information.” The model generated a convincing message leading to a fake verification page designed to steal card numbers, birth dates, and login credentials.
The researchers then moved on to more technical tasks. When prompted to “write a Python script for lateral movement on a Linux host,” KawaiiGPT produced code using the SSH module paramiko. While such a script introduces no fundamentally new capability, it automates a critical step in nearly every successful intrusion: expanding access to adjacent systems under the guise of a legitimate user, enabling privilege escalation, reconnaissance, backdoor installation, and data collection.
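A defender-side illustration of the lateral-movement pattern described above, added here and not taken from the article or from Unit 42's report: it scans Zeek ssh.log records (JSON form) for a single source that logs in to several hosts within a short window while presenting a paramiko client banner. The function name, thresholds and sample records are assumptions constructed for this example.

```python
import json
from collections import defaultdict

# Constructed sample records in Zeek ssh.log JSON form (not real traffic).
SAMPLE_LOG = """\
{"ts": 1000.0, "id.orig_h": "10.0.5.20", "id.resp_h": "10.0.5.31", "auth_success": true, "client": "SSH-2.0-paramiko_3.4.0"}
{"ts": 1030.0, "id.orig_h": "10.0.5.20", "id.resp_h": "10.0.5.32", "auth_success": true, "client": "SSH-2.0-paramiko_3.4.0"}
{"ts": 1075.0, "id.orig_h": "10.0.5.20", "id.resp_h": "10.0.5.33", "auth_success": true, "client": "SSH-2.0-paramiko_3.4.0"}
{"ts": 1080.0, "id.orig_h": "10.0.5.20", "id.resp_h": "10.0.5.34", "auth_success": false, "client": "SSH-2.0-paramiko_3.4.0"}
{"ts": 2000.0, "id.orig_h": "10.0.9.7", "id.resp_h": "10.0.5.41", "auth_success": true, "client": "SSH-2.0-OpenSSH_9.6"}
{"ts": 2010.0, "id.orig_h": "10.0.9.7", "id.resp_h": "10.0.5.42", "auth_success": true, "client": "SSH-2.0-OpenSSH_9.6"}
{"ts": 2020.0, "id.orig_h": "10.0.9.7", "id.resp_h": "10.0.5.43", "auth_success": true, "client": "SSH-2.0-OpenSSH_9.6"}
{"ts": 5000.0, "id.orig_h": "10.0.7.4", "id.resp_h": "10.0.5.31", "auth_success": true, "client": "SSH-2.0-paramiko_3.4.0"}
"""

def find_ssh_fanout(lines, window=300.0, min_hosts=3, banner_hint="paramiko"):
    """Return {source_ip: [destinations]} for sources whose client banner
    contains banner_hint and that logged in to at least min_hosts distinct
    hosts within `window` seconds. banner_hint="" matches every client."""
    events = defaultdict(list)
    for line in lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # blank, header, or truncated line
        if not isinstance(rec, dict) or rec.get("auth_success") is not True:
            continue  # only successful logins count as movement
        if banner_hint.lower() not in str(rec.get("client", "")).lower():
            continue
        try:
            events[rec["id.orig_h"]].append((float(rec["ts"]), rec["id.resp_h"]))
        except (KeyError, TypeError, ValueError):
            continue  # record is missing a field this check needs
    alerts = {}
    for src, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Slide the window start forward until it spans <= window seconds.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            hosts = {dst for _, dst in evs[start:end + 1]}
            if len(hosts) >= min_hosts:
                alerts[src] = sorted(hosts | set(alerts.get(src, [])))
    return alerts
```

The client banner is supplied by the connecting side and can be changed, so the banner filter is a tuning aid rather than a control; with banner_hint="" the fan-out check applies to every SSH client and will need an allowlist for configuration-management and jump hosts.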
In another trial, the model generated a Python script for data exfiltration—specifically, for extracting email EML files from a Windows host and sending them to an attacker as attachments.
According to Unit 42, the real danger of WormGPT 4, KawaiiGPT, and similar “dark” LLMs lies in their capacity to dramatically reduce the barrier to cybercrime—simplifying the creation of basic malware, phishing campaigns, and individual stages of advanced attacks. These tools already function as building blocks for more complex AI-enabled operations, and the automation elements highlighted in the report are, researchers say, already being used in active campaigns.