Pandora's Box: How Unrestricted Large Models Threaten Crypto Security

6/10/2025, 1:50:39 AM
Intermediate
AI
With the proliferation of open-source large models, "unrestricted AI tools" like WormGPT and FraudGPT are being misused to generate phishing emails, write malicious contracts, and manipulate user communities, posing a serious threat to the security of the encryption industry. This article details the principles, uses, and countermeasures of these models, sounding the alarm for Web3 practitioners.

From OpenAI’s GPT series to Google’s Gemini, and various open-source models, advanced artificial intelligence is profoundly reshaping our work and lifestyles. However, alongside the rapid technological advancements, a concerning dark side is gradually emerging - the rise of unrestricted or malicious large language models.

The so-called unrestricted LLM refers to language models that are specifically designed, modified, or “jailbroken” to bypass the built-in safety mechanisms and ethical constraints of mainstream models. Mainstream LLM developers typically invest significant resources to prevent their models from being used to generate hate speech, false information, malicious code, or provide instructions for illegal activities. However, in recent years, some individuals or organizations have begun to seek or develop unrestricted models for motives such as cybercrime. In light of this, this article will review typical unrestricted LLM tools, introduce their abuse in the encryption industry, and discuss related security challenges and responses.

How can unrestricted LLMs be malicious?

Tasks that used to require professional skills, such as writing malicious code, creating phishing emails, and planning scams, can now be easily accomplished by ordinary people without any programming experience with the assistance of unrestricted LLMs. Attackers only need to obtain the weights and source code of open-source models, and then fine-tune them on datasets containing malicious content, biased statements, or illegal instructions to create customized attack tools.

This model has given rise to multiple risk hazards: attackers can “magically modify” models based on specific targets to generate more deceptive content, thereby bypassing the content review and security restrictions of conventional LLMs; the model can also be used to quickly generate code variants for phishing websites or tailor scam copy for different social media platforms; meanwhile, the accessibility and modifiability of open-source models continue to foster the formation and spread of an underground AI ecosystem, providing a breeding ground for illegal transactions and development. Below is a brief introduction to such unrestricted LLMs:

WormGPT: Black Version GPT

WormGPT is a malicious LLM openly sold on underground forums, whose developers explicitly claim it has no ethical restrictions, making it a black version of the GPT model. It is based on open-source models like GPT-J 6B and trained on a large amount of data related to malware. Users need to pay a minimum of $189 to gain a month’s access. The most notorious use of WormGPT is to generate highly realistic and persuasive Business Email Compromise (BEC) attack emails and phishing emails. Its typical abuses in the encryption space include:

  • Generate phishing emails/messages: Imitate cryptocurrency exchanges, wallets, or well-known projects to send “account verification” requests to users, inducing them to click on malicious links or leak private keys/seed phrases;
  • Writing malicious code: Assisting less technically skilled attackers in writing malicious code that steals wallet files, monitors the clipboard, logs keystrokes, etc.
  • Drive automated scams: Automatically reply to potential victims, guiding them to participate in fake airdrops or investment projects.


DarkBERT: A Double-Edged Sword for Dark Web Content

DarkBERT is a language model developed in collaboration between researchers from the Korea Advanced Institute of Science and Technology (KAIST) and S2W Inc., specifically pre-trained on dark web data (such as forums, black markets, and leaked information) with the intention of helping cybersecurity researchers and law enforcement agencies better understand the dark web ecosystem, track illegal activities, identify potential threats, and gather threat intelligence.

Although DarkBERT was designed with good intentions, the sensitive content it holds regarding the dark web, including data, attack methods, and illegal trading strategies, could have dire consequences if malicious actors were to obtain it or utilize similar technologies to train unrestricted large models. Its potential misuse in encryption scenarios includes:

  • Implementing precise scams: collecting information on encryption users and project teams for social engineering fraud.
  • Imitation of criminal modus operandi: Replicating proven coin theft and money laundering tactics on the dark web.

FraudGPT: The Swiss Army Knife of Online Fraud

FraudGPT claims to be an upgraded version of WormGPT, offering more comprehensive features, primarily sold on the dark web and hacker forums, with monthly fees ranging from $200 to $1,700. Its typical abuses in the encryption scenario include:

  • Counterfeit encryption projects: Generate fake white papers, official websites, roadmaps, and marketing copy to implement fraudulent ICOs/IDOs.
  • Batch generate phishing pages: Quickly create imitation login pages for well-known encryption currency exchanges or wallet connection interfaces.
  • Social media bot activities: mass production of fake comments and propaganda, boosting scam tokens or discrediting competing projects.
  • Social engineering attacks: This chatbot can mimic human conversations, establish trust with unsuspecting users, and entice them to inadvertently disclose sensitive information or perform harmful actions.

GhostGPT: An AI assistant unbound by moral constraints

GhostGPT is an AI chatbot explicitly positioned as having no ethical constraints, with typical abuses in the encryption scenario including:

  • Advanced phishing attacks: Generate highly realistic phishing emails that impersonate mainstream exchanges to issue false KYC verification requests, security alerts, or account freeze notifications.
  • Malicious Code Generation for Smart Contracts: Without any programming background, attackers can quickly generate smart contracts containing hidden backdoors or fraudulent logic using GhostGPT, for Rug Pull scams or attacks on DeFi protocols.
  • Polymorphic cryptocurrency stealer: Generates malware with continuous morphing capabilities to steal wallet files, private keys, and mnemonic phrases. Its polymorphic characteristics make traditional signature-based security software difficult to detect.
  • Social engineering attacks: By combining AI-generated scripts, attackers can deploy bots on platforms like Discord and Telegram to lure users into participating in fake NFT minting, airdrops, or investment projects.
  • Deepfake scams: In conjunction with other AI tools, GhostGPT can be used to generate the voices of fake encryption project founders, investors, or exchange executives, implementing phone scams or Business Email Compromise (BEC) attacks.

Venice.ai: Potential Risks of Uncensored Access

Venice.ai provides access to various LLMs, including some models with less scrutiny or looser restrictions. It positions itself as an open gateway for users to explore the capabilities of different LLMs, offering cutting-edge, accurate, and unmoderated models for a truly unrestricted AI experience, but it may also be exploited by malicious actors to generate harmful content. The risks associated with the platform include:

  • Bypassing censorship to generate malicious content: Attackers can use models with fewer restrictions on the platform to create phishing templates, false propaganda, or attack ideas.
  • Lower the threshold for prompt engineering: even if attackers do not possess advanced “jailbreaking” prompt skills, they can easily obtain outputs that were originally restricted.
  • Accelerated attack script iteration: Attackers can use this platform to quickly test different models’ responses to malicious commands, optimizing fraud scripts and attack methods.

Written at the end

The emergence of unrestricted LLMs marks a new paradigm of attacks on cybersecurity that is more complex, scalable, and automated. These models not only lower the threshold for attacks but also introduce new threats that are more covert and deceptive.

In this ongoing game of offense and defense, all parties in the security ecosystem must work together to cope with future risks: on one hand, there is a need to increase investment in detection technologies to develop systems capable of identifying and intercepting phishing content generated by malicious LLMs, exploiting smart contract vulnerabilities, and malicious code; on the other hand, efforts should also be made to promote the construction of model anti-jailbreaking capabilities and to explore watermarking and tracing mechanisms to track the sources of malicious content in critical scenarios such as finance and code generation; in addition, a sound ethical framework and regulatory mechanism must be established to fundamentally limit the development and misuse of malicious models.

Statement:

  1. This article is reprinted from [TechFlow] The copyright belongs to the original author [TechFlow] If there are any objections to the reprint, please contact Gate Learn TeamThe team will process it as quickly as possible according to the relevant procedures.
  2. Disclaimer: The views and opinions expressed in this article are solely those of the author and do not constitute any investment advice.
  3. The other language versions of the article are translated by the Gate Learn team, unless otherwise mentioned.GateUnder such circumstances, it is prohibited to copy, disseminate, or plagiarize translated articles.

Share

Crypto Calendar
Tokenların Kilidini Aç
Grass, 28 Ekim'de mevcut dolaşım arzının yaklaşık %74,21'ini oluşturan 181.000.000 GRASS tokeni açığa çıkaracak.
GRASS
-5.91%
2025-10-27
Ana Ağ v.2.0 Lansmanı
DuckChain Token, Ekim ayında ana ağ v.2.0'ı başlatacak.
DUCK
-8.39%
2025-10-27
StVaults Lansmanı
Lido, Lido v.3.0 güncellemesinin bir parçası olarak stVaults'ın Ekim ayında ana ağda kullanılmaya başlayacağını duyurdu. Bu arada, kullanıcılar testnet'te özellikleri keşfedebilirler. Yayın, yeni modüler kasa mimarisi aracılığıyla Ethereum staking altyapısını geliştirmeyi amaçlıyor.
LDO
-5.66%
2025-10-27
MA
Sidus, Ekim ayında bir AMA düzenleyecek.
SIDUS
-4.2%
2025-10-27
Forte Ağı Yükseltmesi
Flow, Ekim ayında başlayacak Forte yükseltmesini duyurdu. Bu yükseltme, geliştirici deneyimini iyileştirmek ve AI ile tüketiciye hazır on-chain uygulamalarını mümkün kılmak için araçlar ve performans iyileştirmeleri sunacak. Güncelleme, Cadence diline yönelik yeni özellikler, yeniden kullanılabilir bileşenler için bir kütüphane, protokol iyileştirmeleri ve rafine tokenomi içermektedir. Flow'daki mevcut ve yeni geliştiriciler, en son yetenekleri kullanarak uygulamalar ve yükseltmeler yayınlayacak. Ek detaylar, ETHGlobal hackathonu öncesinde 14 Ağustos'ta Pragma New York'ta paylaşılacak.
FLOW
-2.81%
2025-10-27
sign up guide logosign up guide logo
sign up guide content imgsign up guide content img
Start Now
Sign up and get a
$100
Voucher!
Create Account

Related Articles

Arweave: Capturing Market Opportunity with AO Computer
Beginner

Arweave: Capturing Market Opportunity with AO Computer

Decentralised storage, exemplified by peer-to-peer networks, creates a global, trustless, and immutable hard drive. Arweave, a leader in this space, offers cost-efficient solutions ensuring permanence, immutability, and censorship resistance, essential for the growing needs of NFTs and dApps.
6/8/2024, 2:46:17 PM
 The Upcoming AO Token: Potentially the Ultimate Solution for On-Chain AI Agents
Intermediate

The Upcoming AO Token: Potentially the Ultimate Solution for On-Chain AI Agents

AO, built on Arweave's on-chain storage, achieves infinitely scalable decentralized computing, allowing an unlimited number of processes to run in parallel. Decentralized AI Agents are hosted on-chain by AR and run on-chain by AO.
6/18/2024, 3:14:52 AM
AI Agents in DeFi: Redefining Crypto as We Know It
Intermediate

AI Agents in DeFi: Redefining Crypto as We Know It

This article focuses on how AI is transforming DeFi in trading, governance, security, and personalization. The integration of AI with DeFi has the potential to create a more inclusive, resilient, and future-oriented financial system, fundamentally redefining how we interact with economic systems.
11/28/2024, 3:45:01 AM
Dimo: Decentralized Revolution of Vehicle Data
Beginner

Dimo: Decentralized Revolution of Vehicle Data

Dimo is a car IoT platform built on Polygon, allowing car owners to collect and share vehicle data such as mileage, speed, and location, in exchange for DIMO tokens as rewards. The platform enables real-time monitoring, management, and monetization of vehicle data through integration with hardware such as AutoPi OBDII devices. The DIMO token, based on ERC-20, aims to incentivize user participation, with governance features included in its token economy. Dimo also collaborates with IoTeX, integrating W3bstream technology to support Web3 developers' access to vehicle data, jointly creating a new ecosystem for mobile travel. With two rounds of funding raising $20.5 million, the Dimo project has a fixed token supply, with circulating supply gradually increasing.
5/6/2024, 12:37:57 PM
What is AIXBT by Virtuals? All You Need to Know About AIXBT
Intermediate

What is AIXBT by Virtuals? All You Need to Know About AIXBT

AIXBT by Virtuals is a crypto project combining blockchain, artificial intelligence, and big data with crypto trends and prices.
1/7/2025, 6:43:58 AM
Virtuals Protocol: Tokenising AI Agents
Intermediate

Virtuals Protocol: Tokenising AI Agents

Virtuals Protocol provides a framework for creating, owning, and scaling tokenized AI Agents. Our deep dive into Virtuals’ smart contracts revealed a sophisticated system for permissionless contributions and value creation.
11/29/2024, 3:31:42 AM