The underground exploitation of large language models (LLMs) for malicious services (i.e., Malla) is witnessing an uptick, amplifying the cyber threat landscape and posing questions about the trustworthiness of LLM technologies. However, there has been little effort to understand this new cybercrime, in terms of its magnitude, impact, and techniques. In this paper, we conduct the first systematic study on 212 real-world Mallas, uncovering their proliferation in underground marketplaces and exposing their operational modalities. Our study discloses the Malla ecosystem, revealing its significant growth and impact on today's public LLM services. Through examining 212 Mallas, we uncovered eight backend LLMs used by Mallas, along with 182 prompts that circumvent the protective measures of public LLM APIs. We further demystify the tactics employed by Mallas, including the abuse of uncensored LLMs and the exploitation of public LLM APIs through jailbreak prompts. Our findings enable a better understanding of the real-world exploitation of LLMs by cybercriminals, offering insights into strategies to counteract this cybercrime.