UPDATED 08:00 EDT / APRIL 07 2025

SECURITY

Xanthorox AI emerges as a new malicious threat in cybercrime communities

A new report released today by phishing protection company SlashNext Inc. details the emergence of a next-generation malicious artificial intelligence platform called Xanthorox AI, which is being promoted in underground cybercrime forums as a modular, self-hosted tool for automated hacking operations.

Malicious AIs are not new: several tools are already in circulation, with models such as WormGPT, FraudGPT and EvilGPT previously gaining popularity among hackers. The systems typically repurpose or jailbreak existing language models to generate phishing emails, write malicious code and assist with social engineering.

Where the new Xanthorox AI gets interesting is in how it abandons reliance on existing foundation models altogether. Instead of modifying tools like ChatGPT or Claude, the AI introduces a completely self-hosted, multi-model architecture designed for offline use and tailored to cyber operations.

Its developers claim it runs entirely on private infrastructure, offering a modular, local-first architecture that removes the risks of application programming interface monitoring or cloud service takedowns. The local-first approach not only avoids detection and takedown but also allows attackers to run powerful AI capabilities without leaving a traceable footprint.

Xanthorox AI is powered by five distinct models, each optimized for different types of cyber operations. The modular design of the AI allows attackers to mix and match capabilities depending on the task, whether it’s generating malware, analyzing images, scraping data or mimicking human reasoning. Because each model is purpose-built and operates independently within the platform’s infrastructure, Xanthorox can execute complex, multilayered attacks without relying on outside systems.

The models include Xanthorox Coder, an engine that handles everything from code generation to malware development and vulnerability exploitation. Another model, Xanthorox Vision, adds image processing capabilities, allowing users to upload screenshots or files for AI-driven analysis and data extraction.

The platform’s ability to function offline, scrape the web independently and analyze multiple file types makes it an all-in-one toolkit for cybercriminals.

In response, SlashNext is leveraging AI-powered behavioral and language analysis to stop such threats at the source. The company’s solutions detect AI-generated email attacks, whether text-based, image-driven, or part of a multichannel campaign, to provide real-time protection against tools like Xanthorox AI.

Casey Ellis, founder of crowdsourced cybersecurity company Bugcrowd Inc., told SiliconANGLE via email that Xanthorox AI is a “fascinating development,” noting that “it’s easy to think of the cybercriminal ecosystem as one big amorphous blob of badness, when in reality it operates much like any service and platform industry.” He added that “there are various groups specializing in their unique contribution to the overall kill chain,” and “startups” like this one are appearing to create a competitive advantage for criminals.

“The local model tuning/training they seem to have used to decouple it from the foundational model vendors means they’ll have lock-in with their users, and will be able to avoid the cat-and-mouse game that has been going on between attackers and AI guardrail teams seeking to prevent malicious use of large models,” added Casey. “I’m particularly impressed by the mixture of experts approach they’ve taken. This is definitely the most effective approach to building a flexible AI-powered attack platform.”

Image: SiliconANGLE/Reve
