Cybersecurity experts are raising concerns over the rapid growth of AI-powered cybercrime tools being traded on dark web forums and underground marketplaces, making sophisticated cyberattacks more accessible than ever before.
Speaking at a major cybersecurity event on 2 June, Cynthia Kaiser, SVP of the Ransomware Research Center at Halcyon and a former FBI deputy cyber director and White House advisor, described cyber threats as the “national security challenge of our lifetime.”
“It’s scary to look at some of the most powerful people in the world and see the fear in their eyes and know that’s because of what people are doing at keyboards thousands of miles away,” she said.
To understand the impact of AI on cybercrime, Halcyon researchers analyzed 4,000 marketplace listings, 77 Telegram channels, 20 dark web forums and 5 specialized underground markets. The findings revealed a dramatic increase in AI-related cybercrime activity, with mentions of AI-powered tools jumping from 38 in December to 1,486 in February, an increase of more than 3,810%.
Researchers identified 4 major categories of AI-powered cybercrime tools. These include weaponized large language models (LLMs), AI-enabled identity fraud tools, AI-augmented malware and infrastructure, and jailbroken or stolen AI services.
Among the most concerning developments are deepfake technologies capable of creating convincing voice and video impersonations. According to Kaiser, some tools can be trained using just 3 seconds of audio, while one platform reportedly claims a 92% success rate in bypassing KYC verification systems.
Researchers also found AI-powered call centers capable of operating in 25 languages. These systems are trained on more than 150,000 calls and can even generate background call center noise to appear more authentic during scams.
The study highlighted how cybercriminals are using freemium pricing models, automated Telegram bots and multiple distribution channels to expand reach and maintain resilience. Some stolen AI accounts are reportedly being sold for as little as $0.10.
Kaiser urged organizations to strengthen defenses against both high-volume low-skill attacks and advanced threats. She also emphasized the need for AI-driven security measures, stronger verification processes and greater collaboration between governments, businesses, AI providers and infrastructure operators.
“This is really a policy and partnership problem as much as it is a technical one,” she said.
Despite the growing threat, Kaiser noted that understanding how these underground markets operate provides valuable opportunities for law enforcement and security teams to disrupt cybercriminal activity.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.