The underground exploitation of large language models (LLMs) to provide malicious services (i.e., Malla) is on the rise, amplifying the cyber threat landscape and raising questions about the trustworthiness of LLM technologies. However, little effort has been made to understand this new form of cybercrime in terms of its magnitude, impact, and techniques. In this paper, we conduct the first systematic study of 212 real-world Mallas, uncovering their proliferation in underground marketplaces and exposing their operational modalities. Our study maps the Malla ecosystem, revealing its significant growth and its impact on today's public LLM services. Across the 212 Mallas examined, we identified eight backend LLMs, along with 182 prompts that circumvent the protective measures of public LLM APIs. We further demystify the tactics employed by Mallas, including the abuse of uncensored LLMs and the exploitation of public LLM APIs through jailbreak prompts. Our findings enable a better understanding of the real-world exploitation of LLMs by cybercriminals and offer insights into strategies for counteracting this cybercrime.