AI, Cybercrime, and the Rise of “Evil LLMs”: What It Means for Rail and Critical Infrastructure  

As artificial intelligence (AI) continues to reshape how we work, communicate, and innovate, it’s also creating new opportunities for cybercriminals. The recent emergence of malicious AI tools like FraudGPT and WormGPT, large language models designed specifically for hacking and fraud, marks a new frontier in cybersecurity risk.  

If “vibe coding” is celebrated as the creative frontier of AI, its darker twin “vibe hacking” is fast emerging as a real cyber risk. In simple terms, vibe hacking refers to manipulating an AI model through carefully worded prompts to make it behave in unintended ways.  

For as little as $100, anyone can now access AI models capable of writing phishing campaigns, generating malware, or automating social engineering attacks. What was once the domain of skilled hackers is now available to anyone with a credit card and a dark web connection.  

From “Vibe Hacking” to Real-World Threats  

Criminals are using these tools to exploit vulnerabilities in legitimate AI systems. So-called “prompt injection” attacks, where bad actors manipulate AI models through hidden or deceptive instructions, can trick systems into leaking data, generating malicious code, or bypassing built-in safety checks.  

It’s a powerful reminder that even trusted technology can become a method for attack.  

Lowering the Barrier to Entry  

Generative AI has drastically lowered the barrier to cybercrime. Attackers no longer need deep technical expertise; they can rely on the AI to do the heavy lifting, from creating fake documents and phishing emails to writing ransomware scripts.  

This “democratisation” of cybercrime is particularly concerning for safety-critical sectors like rail, where operational disruption or data compromise can have serious consequences.  

A Wake-Up Call for Every Industry  

For industries like transport where digital systems now underpin physical operations, the threat is not theoretical. It’s here, and it’s evolving fast.  

Protecting against AI-driven cyber threats means looking beyond traditional security tools. It requires a culture of resilience, embedding cybersecurity thinking into every stage of system design, project delivery, and operational management.  

Our View: Building Safety Through Security  

With MigoSec+, we believe cybersecurity in rail isn’t just about defending systems, it’s about protecting safety. As railways become increasingly digital, security must evolve from being a standalone function to a core part of operational resilience.  

 Because as AI continues to advance, so too must our defences.  

AI is transforming not just the way we work, but the way we need to think about safety.   

Learn how MigoSec+ helps operators strengthen resilience in a digital-first world.