The Hunter Becomes the Hunted: “Evil AI” WormGPT Suffers Massive Leak of 19,000 User Accounts

The WormGPT platform, notoriously recognized as an AI-augmented instrument for orchestrating cyber-offensives and infiltrations, has purportedly suffered a catastrophic data breach. On a prominent forum dedicated to the dissemination of compromised databases, an archive containing samples of exfiltrated information has surfaced, authored by an individual with an established reputation for distributing authentic materials.

According to the provocateur’s claims, the cache comprises details pertaining to approximately 19,000 service accounts. This repository includes electronic mail addresses, unique user identifiers, subscription particulars, and transactional records. Within the publicly disclosed fragment, supplementary fields were observed detailing specific tariff plans, payment currencies, and the aggregate sums deposited by users.

WormGPT was strategically marketed as a Large Language Model (LLM) liberated from ethical constraints or operational safeguards. The service catered specifically to individuals with rudimentary technical expertise, offering tiered access ranging from monthly subscriptions to perpetual licenses for a singular fee. Within the project’s dedicated communication channels, administrators frequently disseminated demonstrations involving credential brute-forcing, service exploitation, the synthesis of deleterious code, and sophisticated social engineering methodologies.

The technical investigative team at Cybernews scrutinized the leaked dataset and confirmed that the architectural integrity of the records aligns with the author’s descriptions. The sample unveiled genuine account strings and associated operational parameters, significantly bolstering the credibility of the claim that a contemporary security incident has indeed transpired.

The exposure of such data presents a manifold threat; it could facilitate the de-anonymization of the service’s clientele by cross-referencing email addresses with extant data breaches and open-source intelligence. Furthermore, the granularity of the transactional history enables surgical spear-phishing campaigns tailored to a user’s specific financial commitments. Perhaps most critically, individuals identified within this database face the looming specter of legal or coercive pressure should their accounts be definitively linked to illicit digital activities.