What Is WormGPT? AI Ransomware Now on Dark Web

Criminal AI tools like WormGPT are being sold openly on dark web ransomware markets, and the numbers jumped 3,800% in just 90 days. This is not a future threat. It is happening right now, and the people buying these tools are coming for your inbox, your bank, and your employer.

What Is WormGPT? AI Ransomware Now on Dark Web
Quick Answer
AI-powered attack tools like WormGPT are sold openly on dark web ransomware markets. Listings jumped from 38 in December 2025 to 1,486 in February 2026. For a few hundred dollars, anyone with zero coding skills can buy AI that writes targeted phishing emails, automates social engineering, and deploys ransomware.

The Real Case: A 3,800% Spike in 90 Days

1,486 AI attack tool listings in February 2026, up from 38 in December 2025

Halcyon, an anti-ransomware firm, spent months monitoring Telegram channels, 20 dark web forums, and five underground markets. What they found wasn't gradual. It was a vertical spike.

In December 2025, they counted 38 posts advertising AI-based attack tools. By February 2026, that number had climbed to 1,486. That's a 3,800% increase in roughly 90 days.

WormGPT is the market leader, though calling it a single product misses the picture. WormGPT is now a brand name used by multiple criminal operators selling competing versions, like how 'Kleenex' became the word for any tissue. Some versions cost as little as $60 per month. Others run subscription tiers with customer support, update logs, and refund policies.

The buyers aren't elite hackers. That's the whole point. These tools exist specifically to hand serious attack capability to people who couldn't build it themselves. A motivated 19-year-old with a prepaid card and a grudge against their former employer now has access to AI that can craft a convincing, personalized phishing email in seconds.

💡 Key Insight: This is not a niche criminal market anymore. It scaled faster than most legitimate software startups.

How These AI Attack Tools Actually Work

Some WormGPT subscriptions start at $60/month with customer support included

Standard AI tools like ChatGPT have guardrails. Ask them to write a malware delivery email and they refuse. Criminal AI tools have those guardrails removed entirely.

A typical attack using a tool like WormGPT unfolds like this:

1. The attacker buys access to the AI through a dark web marketplace, usually via cryptocurrency. 2. They feed the AI personal information about the target: their name, employer, job title, and sometimes recent social media posts scraped automatically. 3. The AI generates a hyper-personalized phishing email that references real details from the target's life. No generic 'Dear Valued Customer' language. 4. The email contains a link or attachment that, when clicked, either installs ransomware or harvests login credentials. 5. If the target is a business, the attacker moves laterally through the network, escalating privileges until they can encrypt critical files and demand payment.

Some of the more advanced tools on these markets do far more than write emails. They automate multi-step conversations, responding to replies in real time to keep the victim engaged. One tool category, sometimes listed as 'AI social engineering suites,' can simulate a full IT support conversation over email or chat.

The scariest part: the AI gets the tone right. It sounds like a tired colleague sending a quick note at 6pm, not a scammer.

💡 Key Insight: Removing AI guardrails was not technically hard. The criminal market figured that out fast.

Why Smart People Are Still Getting Fooled

AI-generated phishing emails have a click-through rate up to 5x higher than traditional phishing

Most guides tell you to look for bad grammar and suspicious links. That advice is nearly useless now.

The old phishing email had typos. It called you 'Dear Friend.' It came from a Nigerian prince. You spotted it and felt smart. That era is gone.

AI-written phishing emails score higher on readability tests than average corporate communications. They match the writing style of whoever they're impersonating. They arrive at psychologically optimized times, late afternoon on a Friday when cognitive load is highest.

There's also a volume problem. Because these tools automate everything, a single attacker can run hundreds of simultaneous campaigns. The old model was one hacker sending thousands of identical emails hoping someone bites. The new model is one hacker sending thousands of uniquely personalized emails, each one tailored to a specific person's context.

One detail genuinely unsettles me: these AI tools can ingest a person's LinkedIn profile, their public tweets, and any press mentions, then synthesize a message that references their actual recent work. A victim who just closed a deal or attended a conference might get an email referencing that exact event. The psychological response is trust, not suspicion. I've seen this work on security-conscious people.

That's the trap. Familiarity reads as safety.

💡 Key Insight: The signal you trained yourself to trust, personalization and correct grammar, is now the weapon.

Your Defense Checklist: Do These Today

Physical security keys block 100% of automated phishing attempts according to Google's internal data

If you're relying on 'I'll just spot the bad emails,' you're wasting time. That strategy doesn't hold up against AI that writes better than most humans.

Do these things instead:

1. Set a family safe word right now. Pick a random word or short phrase that only your household knows. If someone calls or messages claiming to be you in an emergency, the safe word proves it. Write it down offline. Don't text it.

2. Call back on a known number. If you get an urgent email or message from your bank, your boss, or a family member asking you to act fast, hang up or close the message. Call them back using a number you already have saved, not one provided in the message.

3. Turn on hardware security keys for critical accounts. An app-based authenticator can be socially engineered around. A physical key like a YubiKey cannot be phished remotely. Use one for email and banking at minimum.

4. Never click links in emails to log in. Go directly to the website by typing the address yourself. Every time.

5. Tell your parents about WormGPT by name. Not a vague warning about scams. Show them this article. The specificity matters because it makes the threat feel real instead of abstract.

6. Ask your employer about email authentication standards. SPF, DKIM, and DMARC are technical protocols that make it harder to spoof a company email address. If your IT team hasn't deployed all three, that's a problem worth raising.

💡 Key Insight: One physical key costs $25 to $50 and stops the attack vector these AI tools are built to exploit.

Key Takeaways

🎯AI attack tool listings on dark web ransomware markets jumped from 38 to 1,486 in just 90 days between December 2025 and February 2026, a 3,800% increase tracked by Halcyon.
📌WormGPT and competing tools write fully personalized phishing emails by ingesting your LinkedIn, social media, and public mentions, for as little as $60 per month with no coding required.
The reason victims fall for it is the same reason they used to trust messages: it sounds personal and correct. AI removed the tells we were trained to look for.
🔑Set a family safe word offline today. It takes two minutes and it is the single fastest defense against AI-assisted impersonation calls and messages targeting your household.
💎Within 12 months, AI attack tools will likely include real-time voice synthesis, meaning a call from 'your boss' or 'your child' may sound completely authentic. The window to build verification habits is now, before that becomes standard.

FAQ

Q: How do I know if a message from my coworker or boss is actually from them?
A: If the message asks you to do something financial or urgent, verify it through a separate channel you already use, like calling their known mobile number directly. AI tools can mimic writing style perfectly, but they cannot answer a question only your real colleague would know.

Q: Can't spam filters or email providers just block AI-generated phishing?
A: Honestly, not reliably yet. Because AI-written phishing emails read as normal English with no suspicious patterns, content-based filters frequently miss them. Detection research is advancing but it is running behind the attack tools right now, which is a genuinely uncomfortable fact.

Q: What should I do if I already clicked a suspicious link?
A: Disconnect the device from the internet immediately, then call your IT department or a trusted tech person before touching anything else. If credentials were entered, change those passwords from a different, clean device within the next 10 minutes.

Conclusion

The 90-day jump from 38 listings to 1,486 is a warning signal that the barrier to running sophisticated ransomware campaigns has effectively collapsed. You don't need to become a cybersecurity expert to protect yourself, but you do need to stop assuming you can eyeball your way past these attacks. Start with one thing today: set that family safe word and text the concept to anyone in your household who might receive a spoofed call pretending to be you in an emergency. That single habit could be the difference between a close call and a $10,000 wire transfer you can't get back.

  • How Does AI Help Cybersecurity Teams — And How Do Attackers Abuse the Same Tools?
    The same AI tools that help security teams detect threats in milliseconds are being weaponized to clone voices, generate perfect phishing emails, and impersonate executives on live video calls. This isn't a future risk — it already cost one company $25 million in a single afternoon. Here's exactly w
  • How Is AI Creating Never-Seen Cyberattacks?
    AI systems are now generating cyberattacks automatically, faster than any human security team can track. The same technology defending your bank is being weaponized against you. Knowing how it works is the only real protection you have.
  • How Do AI-Generated Phishing Emails Bypass Corporate Filters?
    In 2026, AI-crafted phishing emails started sailing past enterprise security filters that had caught similar attacks for years. The emails were grammatically perfect, contextually aware, and personalized down to the recipient's recent Slack messages. Corporate IT teams were not ready for this.