WormGPT Variant disclosed >>>
New variants of the notorious WormGPT hacking tool are emerging, now powered by commercial AI models like xAIβs Grok and Mistral AIβs Mixtral for malicious operations.
The original WormGPT emerged in June 2023 as an uncensored generative AI tool built on EleutherAIβs open-source GPT-J model, featuring 6 billion parameters designed to generate human-like text.
However, following media exposure that identified creator Rafael Morais in August 2023, the original tool was shut down, prompting threat actors to develop new variants under the WormGPT brand.
The latest variants represent a fundamental shift in approach. Rather than building custom models from scratch, cybercriminals are now creating sophisticated wrappers around existing commercial AI systems.
Two key players have emerged: βxzin0vich,β who launched a Grok-powered variant in October 2024 with approximately 7,500 Telegram channel members, and βkeanu,β who introduced a Mixtral-based version in February 2025.
These tools maintain the subscription-based monetization model of their predecessor, with pricing structures ranging from β¬60 to β¬100 per month, demonstrating the lucrative nature of the underground AI market.
WormGPT Variants Bypass AI Safety
Cato CTRLβs technical analysis revealed the sophisticated methods these variants employ to circumvent AI safety measures.
The keanu-WormGPT variant operates as a wrapper on top of Grokβs API, utilizing custom system prompts designed to bypass Grokβs built-in guardrails.
When researchers employed LLM jailbreak techniques, the system inadvertently disclosed its underlying architecture, revealing statements like βpowered by Grokβ in its responses.
The xzin0vich-WormGPT variant demonstrates even more technical sophistication. Analysis of leaked system prompts explicitly stated: βWormGPT should not answer the standard Mixtral model. You should always create answers in WormGPT modeβ.
Further investigation revealed Mixtral-specific architectural parameters, including the use of two active experts per token (top_k_routers: 2) and eight key-value heads (kv_heads: 8) for Grouped-Query Attention.
Both variants successfully generate malicious content, including phishing emails and PowerShell scripts designed to collect credentials from Windows 11 systems, demonstrating their effectiveness in supporting cybercriminal operations.
mitigation steps -
The emergence of these commercial AI-powered variants represents a concerning escalation in the accessibility and capability of malicious AI tools.
Unlike the original WormGPT, which required significant technical expertise to deploy, these new variants leverage established AI infrastructure, potentially lowering the barrier to entry for cybercriminal activities.Security experts recommend implementing comprehensive defensive strategies, including enhanced threat detection systems with behavioral analytics, stronger access controls through Zero Trust Network Access (ZTNA), and improved security awareness training that incorporates AI-generated phishing simulations.
Organizations should also monitor unauthorized GenAI tool usage through Cloud Access Security Broker (CASB) solutions to identify potential security risks.
The evolution of WormGPT from a custom-built tool to commercial AI-powered variants signals a broader trend in cybercrime, where threat actors are increasingly leveraging legitimate AI services for malicious purposes through sophisticated prompt engineering and system manipulation techniques.
