Cybercriminals Weigh Options for Using LLMs: Buy, Build, or Break?

Cybercriminals are looking for ways to integrate large language models (LLMs) into their attacks, and they have three main options: trying to bypass the safeguards on existing LLMs, building their own LLMs, or using uncensored open-source models.
One recent example is Dark Gemini, an underground service that appears to modify prompts sent to a legitimate LLM in order to bypass its restrictions. While Dark Gemini's abilities weren't very impressive, it demonstrates how cybercriminals can leverage existing LLMs to enhance phishing attacks, for instance by generating more convincing text.
Security researchers are concerned that nation-state actors are already using LLMs to improve their operations. Additionally, some researchers believe the safeguards on LLMs can be easily bypassed. However, it seems that using LLMs for more complex tasks, such as creating malware, will remain difficult because of the models' current limitations.
In conclusion, cybercriminals are actively looking for ways to exploit LLMs, and while there are challenges, even basic use of LLMs can improve the effectiveness of existing attacks.
Dark Reading 04/01/2024