Skip to main content
Top

2025 | OriginalPaper | Chapter

Combining Uncensored and Censored LLMs for Ransomware Generation

Authors : Muhammad Mudassar Yamin, Ehtesham Hashmi, Basel Katt

Published in: Web Information Systems Engineering – WISE 2024

Publisher: Springer Nature Singapore

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

Uncensored LLMs represent a category of language models free from ethical constraints, thus prone to misuse for various malicious purposes like generating malware. However, their capabilities fall short compared to commercially available LLMs, which are censored and unsuitable for such nefarious activities. Previously, researchers could bypass censorship in LLMs to generate malicious content using Jail Breaks. However, over time and with the introduction of new security measures, such exploits have become increasingly rare. In this research, we propose a novel technique in which we combine censored and uncensored LLMs for the generation of Ransomware. The uncensored LLM will generate the initial malware, which will then be refined by the censored LLM to create a final, functional Ransomware. We have tested the developed Ransomware in the latest version of Windows OS and found it suitable for exploitation purposes. Additionally, with minor efforts, the Ransomware can be updated using LLM for code obfuscation and unnecessary functionality addition for bypassing antivirus and antimalware solutions.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literature
1.
go back to reference Chang, Y., et al.: A survey on evaluation of large language models. ACM Trans. Intell. Syst. Technol 15(3), 1–45 (2024)CrossRef Chang, Y., et al.: A survey on evaluation of large language models. ACM Trans. Intell. Syst. Technol 15(3), 1–45 (2024)CrossRef
2.
go back to reference Monje, A., Monje, A., Hallman, R.A., Cybenko, G.: Being a bad influence on the kids: malware generation in less than five minutes using ChatGPT (2023) Monje, A., Monje, A., Hallman, R.A., Cybenko, G.: Being a bad influence on the kids: malware generation in less than five minutes using ChatGPT (2023)
3.
go back to reference Vaswani, A., et al.: Attention is all you need. In: Advances in Neural Information Processing Systems, vol. 30 (2017) Vaswani, A., et al.: Attention is all you need. In: Advances in Neural Information Processing Systems, vol. 30 (2017)
4.
go back to reference Hashmi, E., Yayilgan, S.Y.: Multi-class hate speech detection in the Norwegian language using fast-RNN and multilingual fine-tuned transformers. Complex Intell. Syst. 10(3), 1–22 (2024)CrossRef Hashmi, E., Yayilgan, S.Y.: Multi-class hate speech detection in the Norwegian language using fast-RNN and multilingual fine-tuned transformers. Complex Intell. Syst. 10(3), 1–22 (2024)CrossRef
5.
go back to reference Derner, E., Batistič, K., Zahálka, J., Babuška, R.: A security risk taxonomy for large language models. arXiv preprint arXiv:2311.11415 (2023) Derner, E., Batistič, K., Zahálka, J., Babuška, R.: A security risk taxonomy for large language models. arXiv preprint arXiv:​2311.​11415 (2023)
6.
7.
go back to reference Mozes, M., He, X., Kleinberg, B., Griffin, L.D.: Use of LLMs for illicit purposes: Threats, prevention measures, and vulnerabilities. arXiv preprint arXiv:2308.12833 (2023) Mozes, M., He, X., Kleinberg, B., Griffin, L.D.: Use of LLMs for illicit purposes: Threats, prevention measures, and vulnerabilities. arXiv preprint arXiv:​2308.​12833 (2023)
8.
go back to reference Yamin, M.M., Katt, B., Gkioulos, V.: Cyber ranges and security testbeds: scenarios, functions, tools and architecture. Comput. Secu. 88, 101636 (2020)CrossRef Yamin, M.M., Katt, B., Gkioulos, V.: Cyber ranges and security testbeds: scenarios, functions, tools and architecture. Comput. Secu. 88, 101636 (2020)CrossRef
9.
go back to reference Yamin, M.M., Katt, B.: Modeling and executing cyber security exercise scenarios in cyber ranges. Comput. Secu. 116, 102635 (2022)CrossRef Yamin, M.M., Katt, B.: Modeling and executing cyber security exercise scenarios in cyber ranges. Comput. Secu. 116, 102635 (2022)CrossRef
10.
go back to reference Yamin, M.M., Hashmi, E., Ullah, M., Katt, B.: Applications of LLMs for generating cyber security exercise scenarios (2024) Yamin, M.M., Hashmi, E., Ullah, M., Katt, B.: Applications of LLMs for generating cyber security exercise scenarios (2024)
11.
go back to reference Rai, P., Sood, S., Madisetti, V.K., Bahga, A.: GUARDIAN: a multi-tiered defense architecture for thwarting prompt injection attacks on LLMs. J. Softw. Eng. Appl. 17(1), 43–68 (2024)CrossRef Rai, P., Sood, S., Madisetti, V.K., Bahga, A.: GUARDIAN: a multi-tiered defense architecture for thwarting prompt injection attacks on LLMs. J. Softw. Eng. Appl. 17(1), 43–68 (2024)CrossRef
12.
go back to reference Sun, Y., et al.: LLM4Vuln: A unified evaluation framework for decoupling and enhancing LLMs’ vulnerability reasoning. arXiv preprint arXiv:2401.16185 (2024) Sun, Y., et al.: LLM4Vuln: A unified evaluation framework for decoupling and enhancing LLMs’ vulnerability reasoning. arXiv preprint arXiv:​2401.​16185 (2024)
13.
go back to reference Nair, D., Mhavan, N.: Augmenting cybersecurity: a survey of intrusion detection systems in combating zero-day vulnerabilities. In: Smart Analytics, Artificial Intelligence and Sustainable Performance Management in a Global Digitalised Economy, pp. 129–153, Emerald Publishing Limited (2023) Nair, D., Mhavan, N.: Augmenting cybersecurity: a survey of intrusion detection systems in combating zero-day vulnerabilities. In: Smart Analytics, Artificial Intelligence and Sustainable Performance Management in a Global Digitalised Economy, pp. 129–153, Emerald Publishing Limited (2023)
14.
go back to reference Ahmad, R., Alsmadi, I., Alhamdani, W., Tawalbeh, L.: Zero-day attack detection: a systematic literature review. Artif. Intell. Rev. 56(10), 10733–10811 (2023)CrossRef Ahmad, R., Alsmadi, I., Alhamdani, W., Tawalbeh, L.: Zero-day attack detection: a systematic literature review. Artif. Intell. Rev. 56(10), 10733–10811 (2023)CrossRef
15.
go back to reference Pa Pa, Y.M., Tanizaki, S., Kou, T., Van Eeten, M., Yoshioka, K., Matsumoto, T.: An attacker’s dream? Exploring the capabilities of ChatGPT for developing malware. In: Proceedings of the 16th Cyber Security Experimentation and Test Workshop, pp. 10–18 (2023) Pa Pa, Y.M., Tanizaki, S., Kou, T., Van Eeten, M., Yoshioka, K., Matsumoto, T.: An attacker’s dream? Exploring the capabilities of ChatGPT for developing malware. In: Proceedings of the 16th Cyber Security Experimentation and Test Workshop, pp. 10–18 (2023)
16.
go back to reference Shen, X., Chen, Z., Backes, M., Shen, Y., Zhang, Y.: do anything now: Characterizing and evaluating in-the-wild jailbreak prompts on large language models. arXiv preprint arXiv:2308.03825 (2023) Shen, X., Chen, Z., Backes, M., Shen, Y., Zhang, Y.: do anything now: Characterizing and evaluating in-the-wild jailbreak prompts on large language models. arXiv preprint arXiv:​2308.​03825 (2023)
17.
go back to reference Cotroneo, D., Foggia, A., Improta, C., Liguori, P., Natella, R.: Automating the correctness assessment of AI-generated code for security contexts. arXiv preprint arXiv:2310.18834 (2023) Cotroneo, D., Foggia, A., Improta, C., Liguori, P., Natella, R.: Automating the correctness assessment of AI-generated code for security contexts. arXiv preprint arXiv:​2310.​18834 (2023)
18.
go back to reference Natella, R., Liguori, P., Improta, C., Cukic, B., Cotroneo, D.: AI code generators for security: Friend or foe? IEEE Security & Privacy (2024) Natella, R., Liguori, P., Improta, C., Cukic, B., Cotroneo, D.: AI code generators for security: Friend or foe? IEEE Security & Privacy (2024)
19.
go back to reference Gupta, M., Akiri, C., Aryal, K., Parker, E., Praharaj, L.: From ChatGPT to ThreatGPT: Impact of generative AI in cybersecurity and privacy. IEEE Access (2023) Gupta, M., Akiri, C., Aryal, K., Parker, E., Praharaj, L.: From ChatGPT to ThreatGPT: Impact of generative AI in cybersecurity and privacy. IEEE Access (2023)
20.
go back to reference Esmradi, A., Yip, D.W., Chan, C.F.: A comprehensive survey of attack techniques, implementation, and mitigation strategies in large language models. In: Wang, G., Wang, H., Min, G., Georgalas, N., Meng, W. (eds.) Ubiquitous Security. UbiSec 2023. Communications in Computer and Information Science, vol. 2034, pp. 76–95. Springer, Singapore (2024). https://doi.org/10.1007/978-981-97-1274-8_6 Esmradi, A., Yip, D.W., Chan, C.F.: A comprehensive survey of attack techniques, implementation, and mitigation strategies in large language models. In: Wang, G., Wang, H., Min, G., Georgalas, N., Meng, W. (eds.) Ubiquitous Security. UbiSec 2023. Communications in Computer and Information Science, vol. 2034, pp. 76–95. Springer, Singapore (2024). https://​doi.​org/​10.​1007/​978-981-97-1274-8_​6
21.
go back to reference Richardson, R., North, M.M.: Ransomware: evolution, mitigation and prevention. Int. Manag. Rev. 13(1), 10 (2017) Richardson, R., North, M.M.: Ransomware: evolution, mitigation and prevention. Int. Manag. Rev. 13(1), 10 (2017)
22.
go back to reference Matthijsse, S.R., van t Hoff-de Goede, M.S., Leukfeldt, E.R.: Your files have been encrypted: A crime script analysis of ransomware attacks. Trends Organized Crime, pp. 1–27 (2023) Matthijsse, S.R., van t Hoff-de Goede, M.S., Leukfeldt, E.R.: Your files have been encrypted: A crime script analysis of ransomware attacks. Trends Organized Crime, pp. 1–27 (2023)
23.
go back to reference Lin, Z., Cui, J., Liao, X., Wang, X.: Malla: Demystifying real-world large language model integrated malicious services. arXiv preprint arXiv:2401.03315 (2024) Lin, Z., Cui, J., Liao, X., Wang, X.: Malla: Demystifying real-world large language model integrated malicious services. arXiv preprint arXiv:​2401.​03315 (2024)
24.
go back to reference Jin, M., Zhu, S., Wang, B., Zhou, Z., Zhang, C., Zhang, Y., et al.: AttackEval: How to evaluate the effectiveness of jailbreak attacking on large language models. arXiv preprint arXiv:2401.09002 (2024) Jin, M., Zhu, S., Wang, B., Zhou, Z., Zhang, C., Zhang, Y., et al.: AttackEval: How to evaluate the effectiveness of jailbreak attacking on large language models. arXiv preprint arXiv:​2401.​09002 (2024)
Metadata
Title
Combining Uncensored and Censored LLMs for Ransomware Generation
Authors
Muhammad Mudassar Yamin
Ehtesham Hashmi
Basel Katt
Copyright Year
2025
Publisher
Springer Nature Singapore
DOI
https://doi.org/10.1007/978-981-96-0573-6_14

Premium Partner