SECURITY
SECURITY
SECURITY
Malicious AI tool mentions surge 200% across dark web channels in 2024
A new report out today from threat intelligence firm KELA Research and Strategy Ltd. reveals a 200% increase in mentions of malicious artificial intelligence tools on cybercrime forums through 2024, emphasizing how cybercriminals are rapidly embracing AI tools and tactics.
The finding comes from KELA’s 2025 AI Threat Report: How Cybercriminals are Weaponizing AI Technology, which used data from KELA’s intelligence-gathering platform that monitors and analyzes cybercrime underground communities, including dark web forums, Telegram channels and threat actor activity.
Along with finding a 200% increase in mentions of malicious AI tools, the report found a 52% rise in AI jailbreak discussions over the past year. Threat actors were found to be continuously refining AI jailbreaking techniques to bypass security restrictions in public AI systems.
Cybercriminals were found to be increasingly distributing and monetizing so-called “dark AI tools,” including jailbroken models and purpose-built malicious applications like WormGPT and FraudGPT. The tools are designed to automate core cybercriminal activities such as phishing, malware development and financial fraud.
By removing safety restrictions and adding custom capabilities, the AI systems lower the barrier for less skilled attackers to carry out complex attacks at scale.
On the phishing front, phishing campaigns were found to be becoming more sophisticated, with threat actors leveraging generative AI to craft convincing social engineering content, sometimes enhanced with deepfake audio and video to impersonate executives and deceive employees into authorizing fraudulent transactions.
AI was also found to be accelerating malware development, allowing for the rapid creation of highly evasive ransomware and infostealers, posing significant challenges for traditional detection and response methods.
“We are witnessing a seismic shift in the cyber threat landscape,” said Yael Kishon, AI product and research lead at KELA. “Cybercriminals are not just using AI – they are building entire sections in the underground ecosystem dedicated to AI-powered cybercrime. Organizations must adopt AI-driven defenses to combat this growing threat.”
To combat the rising AI-powered cyber threats, KELA recommends that organizations invest in employee training, monitor evolving AI threats and tactics and implement AI-driven security measures such as automated intelligence-based red teaming and adversary emulations for generative AI models.
Image: SiliconANGLE/Reve
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
