Unrestricted large language models (LLMs) like WormGPT 4 and KawaiiGPT are improving their capabilities to generate malicious code, delivering functional scripts for ransomware encryptors and lateral movement.
Researchers at Palo Alto Networks Unit42 experimented with the two LLMs that are seeing increased adoption among cybercriminals through paid subscriptions or free local instances.
The WormGPT model originally emerged in 2023, but the project was reportedly discontinued the same year. WormGPT 4 is a resurgence of the brand that appeared in September. It is available $50/month or $220 for lifetime access and works as an uncensored ChatGPT variant specifically trained for cybercrime operations.
A free, community-driven alternative is KawaiiGPT, spotted this year in July, which can generate well-crafted phishing messages and automate lateral movement by producing ready-to-run scripts.
WormGPT 4’s locker script
Unit 42 researchers tested the malicious LLM’s capability to create ransomware code that encrypted all PDF files on a Windows host.
The tool generated a PowerShell script that could be configured to hunt for specific file extensions in certain paths and encrypt data using the AES-256 algorithm.
Source: Unit 42
According to the researchers, the generated code even added an option to exfiltrate data via Tor, which taps into realistic operational requirements.
With another prompt, WormGPT 4 produced “a chilling and effective ransom note” that claimed “military-grade encryption” and gave a 72-hour deadline before doubling the payment demand.
Source: Unit 42
According to the researchers, “WormGPT 4 provides credible linguistic manipulation for BEC and phishing attacks,” which allows even low-skilled attackers to engage in more complex attacks that were typically carried out by more experienced threat actors.
KawaiiGPT capabilities
The KawaiiGPT is another LLM documented this year. Unit 42 researchers tested version 2.5 and claim that setting it up on a Linux system takes just five minutes.
Source: Unit 42
The researchers tested its capabilities using prompts instructing it to create:
- a spear-phishing message generation with realistic domain spoofing and credential-harvesting links.
- a Python script for lateral movement that used the paramiko SSH library to connect to a host and execute commands remotely via exec_command()
- a Python script that recursively looked on a Windows filesystem for target files using os.walk, and then used Python’s smtplib library to pack and exfiltrate the data to an attacker-controlled address.
- Generate ransom notes with customizable payment instructions, time frames, and typical encryption strength claims
Source: Unit 42
Although KawaiiGPT did not demonstrate the generation of an actual encryption routine or a functional ransomware payload like WormGPT 4, the researchers warn that its command execution capability could allow attackers to escalate privileges, steal data, and drop and execute additional payloads.
Both malicious LLMs have hundreds of subscribed members on their dedicated Telegram channels where the community exchanges tips and advice.
“Analysis of these two models confirms that attackers are actively using malicious LLMs in the threat landscape,” warns Unit 42, also noting that the tools no longer represent a theoretical threat.
In both scenarios, inexperienced attackers gain the ability to conduct more advanced attacks at scale, cutting down the time required to research victims or craft tooling. The models also produce polished, natural-sounding phishing lures that lack the telltale grammar mistakes of traditional scams.
It’s budget season! Over 300 CISOs and security leaders have shared how they’re planning, spending, and prioritizing for the year ahead. This report compiles their insights, allowing readers to benchmark strategies, identify emerging trends, and compare their priorities as they head into 2026.
Learn how top leaders are turning investment into measurable impact.