LmCast :: Stay tuned in

'Dark LLMs' Aid Petty Criminals, But Underwhelm Technically

Recorded: Nov. 26, 2025, 7:06 p.m.


As in the wider world, AI is not quite living up to the hype in the cyber underground. But it's definitely helping low-level cybercriminals do competent work.

Nate Nelson, Contributing Writer
November 26, 2025

Source: Palo Alto Networks' Unit 42

Artificial intelligence-generated malware hasn't yet lived up to everyone's fears, but it is helping script kiddies and foreign language speakers smooth out the kinks in their cyberattacks.

On Nov. 30, 2022, developers in San Francisco released a chatbot that could Google things for you, or write poems like Robert Frost, in fractions of a second. It stoked the imagination. For many in cybersecurity, the implication was obvious: soon large language models (LLMs) would be able to write malware, and even carry out autonomous cyberattacks on behalf of bad actors. And, some argued, a dystopian sci-fi future was already here.

Three years later, it feels like a good time to take stock. In a new blog post, Palo Alto Networks' Unit 42 reviews two of the leading "dark" LLMs on the market today: WormGPT 4, and KawaiiGPT. What stands out about WormGPT 4 and KawaiiGPT is both how useful they are to low-level hackers, and how totally flaccid they are in every other respect. Both are capable of writing rudimentary malware, and grammatically correct phishing emails for hackers operating across language barriers, and generally aiding script kiddies through different phases of an attack chain. And that's about it.

What Dark LLMs Can Do for Cybercriminals

Every pundit's prophecy of an AI cyber-pocalypse seemed to have been confirmed when, in the summer of 2023, a malware-as-a-service (MaaS) product hit the underground market called WormGPT.

WormGPT was marketed as a cutting edge chatbot without all of those pesky guardrails that hackers got snagged on when they tried playing funny with ChatGPT. Allegedly, it was built using the open source LLM GPT-J 6B, and trained on phishing, malware, and exploit samples. For tens to hundreds of dollars a month, cybercriminals could use WormGPT to write snippets of basic malicious code, and create clean, persuasive phishing messages.

There's scant evidence that WormGPT had any significant impact on real malicious activity in the wild. But as a proof-of-concept (PoC), it sufficiently spooked the cybersecurity community, and inspired a variety of knockoffs in the cyber underground, most notably WormGPT 4.

Like its spiritual predecessor, WormGPT 4 is marketed as "AI without boundaries," featuring "advanced capabilities [to] generate any content, and access information without limits or censorship." When Unit 42 researchers prompted WormGPT 4 for resources it could use in ransomware attacks, it generated a hackneyed but grammatically flawless ransom note, and a locker for PDF files that could be configured to attack other file extensions and use Tor for data exfiltration.

The researchers also tested out one of WormGPT 4's competitors, KawaiiGPT. KawaiiGPT drafted competent, if dry, phishing messages and ransom notes, and simple but functional Python scripts for data exfiltration. It could also perform lateral movement on a Linux host.

Are Dark LLMs Actually Having Any Impact on Cybercrime?

KawaiiGPT's free access, and its competence in helping novice hackers through every step of an attack chain, has helped it earn a modest following. In a message sent to a 180-member Telegram channel, KawaiiGPT's creator claimed that the tool has reached more than 500 registered users, around half of whom are active.

WormGPT 4 meanwhile is sold using a tiered subscription model, but its Telegram community is larger, with more than 500 subscribers.

Oded Vanunu, chief technologist and head of products vulnerability research at Check Point, notes that the market for dark LLMs like these is in some ways flourishing. "Hackers are actively competing and developing tools that build on predecessors like WormGPT," he says. "Commercial dark LLMs are sold for money, [and] skilled actors are building proprietary models and integrating them directly into their local infrastructure using configuration methods, bypassing the commercial market altogether. The market is thus both commercial and privately developed."

All this might suggest that dark LLMs are having a real impact in the cyber threat landscape today. However, even three years on, researchers seem to lack hard evidence to prove it. "It is nearly impossible to track if dark LLMs are widely adopted or not," admits Andy Piazza, senior director of threat intelligence for Unit 42, because researchers lack the tools necessary to detect AI's hand in malicious artifacts, except for those rare cases where the attackers tip their hands.

AI Malware Remains Impotent

For all of the help they provide to low-level hackers, what also stands out about WormGPT 4 and KawaiiGPT is just how technically underwhelming they are, at least compared to popular predictions about AI malware in the media.

Kyle Wilhoit, Unit 42's director of threat research, points to a few reasons why these tools are lagging. "LLMs still hallucinate, generating plausible looking but factually incorrect code," he says, as one example. "The often abstract knowledge necessary to create a fully functioning malware sample is difficult for a dark LLM to construct. I also think that human oversight is still required to check for hallucinations or adapt to network specifics, for example."

The bottom line, Vanunu says, is that "advancement is slow because AI currently brings no new technological gap or advantage to the fundamental mechanics of the cyberattack process." As evidenced by their well-worn malware tricks and trite ransom notes, the most popular dark LLMs today are still just copping from artifacts available on the Web today, instead of producing novel outputs that move the needle.

Thankfully, that means that all of the talk of AI malware versus AI defenses was premature. "The reality is that the vast majority of the dark-LLM generated malware is based on known malware samples, which means we have existing tools and signatures in place to detect the common malware techniques," Piazza says.

About the Author

Nate Nelson is a writer based in New York City. He formerly worked as a reporter at Threatpost, and wrote "Malicious Life," an award-winning Top 20 tech podcast on Apple and Spotify. Outside of Dark Reading, he also co-hosts "The Industrial Security Podcast."
Copyright © 2025 TechTarget, Inc. d/b/a Informa TechTarget.

Dark LLMs are currently failing to live up to the hype surrounding AI-powered cyberattacks. While artificial intelligence tools like WormGPT 4 and KawaiiGPT are proving useful to low-level cybercriminals, assisting them with tasks such as generating grammatically correct phishing emails and creating rudimentary malware, their technical capabilities remain limited.

Palo Alto Networks’ Unit 42 researchers found that these “dark” LLMs, despite their utility, suffer from fundamental technical shortcomings. They frequently “hallucinate,” producing plausible-looking but factually incorrect code, and struggle with the complex, abstract knowledge needed to construct fully functioning malware samples. Human oversight is still required to verify outputs and adapt them to specific network conditions.

The core issue is that these LLMs primarily rely on existing, readily available online artifacts – essentially copying and pasting – rather than generating truly novel techniques. This limits their impact and makes them vulnerable to detection.

Despite these limitations, the market for dark LLMs is growing. Cybercriminals are actively competing and developing their own tools, both commercially and through private, customized implementations, bypassing traditional commercial markets. While the vast majority of AI-generated malware currently originates from readily available online samples, providing existing signatures for detection, the situation is evolving.

Currently, Unit 42’s analysts, including Andy Piazza and Kyle Wilhoit, note that detection relies on recognizing these known malware techniques. The overall impact of dark LLMs on the broader cyber threat landscape remains uncertain, as evidenced by the lack of comprehensive data on their adoption and effectiveness. The technology is still early in its development, providing a useful but ultimately limited tool for attackers.