Unrestricted Large Language Models: New Threats to Security in the Encryption Industry

With the rapid development of artificial intelligence technology, advanced models from the GPT series to Gemini are profoundly changing our work and lifestyles. However, this technological advancement also brings potential security risks, especially with the emergence of unrestricted or malicious large language models.

Unrestricted LLMs refer to language models that are specifically designed, modified, or "jailbroken" to bypass the built-in safety mechanisms and ethical constraints of mainstream models. Although mainstream LLM developers invest significant resources to prevent misuse of the models, some individuals or organizations, driven by improper motives, begin to seek or develop unrestricted models. This article will explore the potential threats posed by such models in the encryption industry, as well as the associated security challenges and response strategies.

Unlimited LLM Abuse Methods

The emergence of such models has significantly lowered the threshold for implementing complex attacks. Even individuals without specialized skills can easily generate malicious code, create phishing emails, or orchestrate scams. Attackers only need to obtain the weights and code of open-source models and fine-tune them with a dataset containing malicious content to create customized attack tools.

This trend brings multiple risks:

1. Attackers can customize models targeting specific objectives to generate more deceptive content, bypassing conventional content review.
2. The model can be used to quickly generate variations of phishing website code or customize scam copy for different platforms.
3. The accessibility of open-source models has fostered the formation of an underground AI ecosystem, providing a breeding ground for illegal activities.

Here are several typical unrestricted LLMs and their potential threats:

WormGPT: Black Version GPT

WormGPT is a malicious LLM openly sold in underground forums, claiming to have no ethical restrictions. It is based on open-source models like GPT-J 6B and is trained on a large dataset related to malware. Users can obtain a one-month subscription for just 189 dollars.

In the encryption field, WormGPT may be misused for:

• Generate realistic phishing emails to lure users into clicking malicious links or leaking private keys.
• Assist in writing malicious code such as stealing wallet files and monitoring the clipboard.
• Drive automated scams and lead victims to participate in false projects.

DarkBERT: A Double-Edged Sword for Dark Web Content

DarkBERT is a language model specifically trained on dark web data, originally intended to assist researchers and law enforcement in understanding the dark web ecosystem. However, if misused, the sensitive information it holds could lead to serious consequences.

In the encryption field, the potential risks of DarkBERT include:

• Collect user and project team information to implement precise fraud.
• Copy mature coin theft and money laundering techniques from the dark web.

FraudGPT: A multifunctional tool for online fraud

FraudGPT claims to be an upgraded version of WormGPT, primarily sold on the dark web and hacker forums. Its abuse methods in the encryption field include:

• Generate realistic fake encryption project copy and marketing materials.
• Batch production of phishing pages that impersonate well-known exchanges.
• Mass manufacture of fake reviews to promote scam tokens or discredit competing projects.
• Mimic human conversation to induce users to disclose sensitive information.

GhostGPT: An AI assistant unbound by moral constraints.

GhostGPT is an AI chatbot explicitly positioned as having no ethical constraints. In the encryption field, it may be used for:

• Generate highly realistic phishing emails that impersonate mainstream exchanges to issue false notifications.
• Quickly generate smart contract code with hidden backdoors.
• Create malware with morphing capabilities to steal wallet information.
• Combine with other AI tools to generate fake voice of the project party and carry out phone scams.

Venice.ai: Potential risks of uncensored access

Venice.ai provides access to various LLMs, including some models with fewer restrictions. While its aim is to offer users an open AI experience, it may also be misused to generate malicious content. Potential risks include:

• Use models with fewer restrictions to bypass censorship, generating phishing templates or attack ideas.
• Lower the threshold for malicious prompt engineering.
• Accelerate the iteration and optimization of attack scripts.

Coping Strategies

In the face of new threats posed by unrestricted LLMs, the encryption industry needs a multi-faceted approach:

1. Increase investment in detection technology and develop tools that can identify and intercept AI-generated malicious content.
2. Promote the construction of model anti-jailbreak capabilities, exploring watermarking and tracing mechanisms.
3. Establish a sound ethical framework and regulatory mechanism to restrict the development and abuse of malicious models from the source.
4. Strengthen user education to improve the ability to identify AI-generated content.
5. Promote industry collaboration, sharing threat intelligence and best practices.

Only through the collaborative efforts of all parties in the security ecosystem can we effectively address this emerging security challenge and protect the healthy development of the encryption industry.