Friday, June 26, 2026

The ‘year of AI’: 2026 sees influx of ransomware attacks

Prior to taking up the role of senior vice-president of Halcyon’s Ransomware Research Centre, Cynthia Kaiser worked for the Federal Bureau of Investigation (FBI) for 20 years, becoming the deputy assistant director of the agency’s cyber division.

At this year’s Infosecurity Europe at the Excel London, Kaiser gave a keynote speech about the evolving nature of ransomware. The picture she painted about the current capabilities of threat actors on the dark web was a bleak one.

Setting the scene, it is now well known that with technology’s increased connectivity, there are more opportunities than ever for hackers to exploit vulnerabilities and cause real-world damage. Kaiser said cyber threats have become the key national security threat. Cyber attacks are no longer the domain of technology columns, but are now front-page news. Kaiser cited the instance in which North Korean threat actors are believed to have hacked Sony in response to the release of The Interview, as well as Russian hacking to disrupt elections and influence geopolitics.

She observed that since 2023, there has been a 20% rise in cyber attacks on small and medium-sized enterprises (SMEs), which are now four times more likely to be attacked than larger organisations. The technology underpinning cyber attacks has improved, with a typical cyber attack now taking only four hours.

According to Kaiser, some hacking groups now operate like conventional businesses, with customer service lines and their own brands. Similarly, underground forums are closer to consumer platforms, with credentials for sale that offer access to compromised networks. These forums comprise 60% of all dark web activity. As such, hacking groups no longer need to start building their services from nothing, as infrastructure is available to buy from dark web forums.

Explosion of AI tools

The recent significant change in dark web activity has been in the use of AI. Until this year, Kaiser noted there was virtually no mention of AI hacking tools on dark web forums. Then there was an explosion of AI tools. The number of posts about AI on dark web forums went from 38 in December 2025 to nearly 1,500 in February 2026.

Kaiser explained these AI hacking tools are weaponised large language models (LLMs) – AI tools that have had their safety limits removed, thereby enabling hackers to use them for malicious purposes. The weaponised LLMs typically appear as attack versions of AI systems to help criminals.

The market leader of weaponised LLMs is WormGPT, which first came to the fore in 2023. Although the original was shut down a few weeks after the creators were identified, the name has now become a brand, with multiple suppliers running different versions of the WormGPT code. The “official” Telegram channel for WormGPT, which now has more than 15,000 members, recently announced that the latest version (Kriminal.AI) will be free.

It was noted by Kaiser that identity fraud is one of the core uses for weaponised AI tools, as social engineering techniques can be enabled by AI-cloned voices. The success rate for these deepfakes is over 90% and they can be generated from as little as three seconds of audio. AI-enabled identity fraud can also include document forgery and deepfake videos. A typical deepfake video can now cost approximately $800 (around £600), with suppliers also offering seasonal promotional discounts.

AI can be used to augment malware to attack infrastructure. AI tools have been able to simulate telephone calls from call centres, with the associated background chatter and typing on keyboards. These AI-simulated call centres have been trained on more than 150,000 customer calls and can use over 25 languages. They charge up to $7 (just over £5.00) per thousand calls and claim they can support up to 120 simultaneous calls.

Kaiser noted that jailbroken and stolen AI services are also available to purchase online, with active threads across multiple hacker forums, which act as living repositories.

The widespread offerings available on dark web forums, together with their competitive pricing, means there is no financial barrier to entry. Kaiser highlighted how WormGPT uses the freemium business model: the core technology is free to use, but advanced functions need to be paid for.

Kaiser explained how the larger dark web suppliers are automating storefronts and automating the distribution of their services. Platforms are also becoming increasingly advanced, with redundancy measures in place to survive disruption.

According to Kaiser, dark web operators seem to have a two-phase pattern. New dark web technologies are developed and tested, and once a tool has been validated, it is shared to Telegram channels for wider distribution. These forums feed the service and each channel is designed to support the other.

The greatest vulnerability facing dark web operators is not law enforcement, but each other, as AI tools are now targeting market competitors. Hence, people who pay for cyber crime are at risk of having their own details shared online. Essentially, the criminal AI market has an internal threat problem.

Effective defence is still possible

Kaiser stressed that despite the significant risk posed by hacker groups, we can still defend against these tools, but we need to rapidly adapt to guard against the risk from those seeking to exploit technologies.

She explained some of the techniques that have been the most effective. Preventing initial access remains a core defence against cyber attacks – if hackers cannot get in, then the data remains secure. Kaiser recommends phishing-resistant multi-factor authentication (MFA) and accelerated patching, as well as preparing staff for AI-generated voice calls impersonating partners, executives and employees.

However, given the multifarious cyber threats facing organisations, it is a case of when, not if, a cyber attack occurs. With that in mind, Kaiser noted that detecting lateral movement in a network is vital for alerting security teams to potential threats, for example by using network monitoring tools and setting behavioural baselines of expected user behaviour, with a particular focus on endpoint and network telemetry. Setting minimum user privileges and ensuring user credentials only have access to the areas they need (especially when users change roles in an organisation) also helps.

Disrupting the exfiltration and encryption of data is also vital, according to Kaiser, which can be done by detecting anomalous user behaviour and unauthorised encryption attempts, as well as monitoring outbound traffic for sensitive information. Immutable data backups will also ensure that should the worst happen and the data is compromised, the system can be restored from a secure standpoint. All these technologies build resilience into a network to disrupt malicious threat actors and prevent the data from being compromised.
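The behavioural-baseline approach to spotting lateral movement that Kaiser describes can be illustrated with a small detector. This is an added example, not code from the keynote or from Halcyon; the logon events, host names and the thresholds (three unfamiliar hosts within ten minutes) are constructed assumptions for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample logon events (user, destination host, ISO timestamp).
# The first set stands in for a quiet learning period; the second for a recent window.
BASELINE_EVENTS = [
    ("alice", "fs01", "2026-06-01T09:00:00"),
    ("alice", "fs01", "2026-06-02T09:05:00"),
    ("alice", "mail01", "2026-06-02T09:10:00"),
    ("bob", "db01", "2026-06-01T10:00:00"),
    ("bob", "db02", "2026-06-03T10:00:00"),
]
RECENT_EVENTS = [
    ("alice", "fs01", "2026-06-25T09:00:00"),   # known host, ignored
    ("alice", "db01", "2026-06-25T09:02:00"),   # new host for alice
    ("alice", "db02", "2026-06-25T09:03:00"),   # new host
    ("alice", "hr01", "2026-06-25T09:04:00"),   # new host: rapid fan-out
    ("bob", "db01", "2026-06-25T11:00:00"),     # known host
    ("bob", "fs01", "2026-06-25T11:30:00"),     # one new host, below threshold
]

def build_baseline(events):
    """Map each user to the set of hosts they normally log on to."""
    baseline = defaultdict(set)
    for user, host, _ in events:
        baseline[user].add(host)
    return baseline

def detect_lateral_movement(events, baseline, window=timedelta(minutes=10), threshold=3):
    """Return (user, hosts) alerts for users reaching `threshold` or more hosts
    outside their baseline within `window`. Rapid fan-out to unfamiliar hosts is
    the behaviour a compromised credential shows while an attacker moves laterally."""
    alerts = []
    unfamiliar = defaultdict(list)            # user -> [(timestamp, host), ...]
    for user, host, ts in sorted(events, key=lambda e: e[2]):
        if host in baseline.get(user, set()):
            continue                          # within the user's normal pattern
        unfamiliar[user].append((datetime.fromisoformat(ts), host))
    for user, hits in unfamiliar.items():
        for i, (start, _) in enumerate(hits):  # sliding window over first-seen hosts
            hosts = {h for t, h in hits[i:] if t - start <= window}
            if len(hosts) >= threshold:
                alerts.append((user, sorted(hosts)))
                break                          # one alert per user is enough
    return alerts

if __name__ == "__main__":
    for user, hosts in detect_lateral_movement(RECENT_EVENTS, build_baseline(BASELINE_EVENTS)):
        print(f"ALERT: {user} reached unfamiliar hosts {hosts} within 10 minutes")
```

In production the baseline would be learned from weeks of authentication telemetry and the thresholds tuned per environment; the structure (learn normal, flag rapid deviation) is the point.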

Kaiser also highlighted how tabletop exercises can be used to simulate a variety of worst-case scenarios, enabling organisations to put policies in place for such incidents. This helps staff to know what needs to be done – or at least know where to look. In essence, there needs to be a defence-in-depth approach to cyber security, with multiple, overlapping layers of security controls across a network. As such, even if one mechanism is compromised or breached, there are redundancy measures in place to delay attackers, contain the threat and protect valuable data.

Given the recent developments in AI-powered voice cloning, Kaiser recommended that security teams reorient to treat phone calls as a primary threat vector. AI has made voice calls increasingly scalable, allowing attackers to automate calls to hundreds of people without needing a call centre.

Although malicious actors are adopting AI tools, cyber security teams can respond by automating detection and identification systems, such that networks can respond faster and more effectively to intruders.

Kaiser also recommends that we, as a society, need to work better together to counter the rise of cyber crime. This last point is not a technical problem, but one of policy and partnership, as governments need to enable information sharing between organisations and security agencies about emerging cyber threats for security teams to prepare effective defences against them.

Ultimately, the proliferation of AI tools across dark web forums has made hacking easier and more accessible. It is now no longer the remit for large-scale criminal operations or state-sponsored hacking groups, but anyone with a reasonable budget.

However, intelligence of the dark web demonstrates that cyber criminals are vulnerable to their own technologies being used against them. Furthermore, law enforcement raids and financial disruption can work well, but dark web platforms’ innate redundancy measures mean they have some resistance to this. As such, there needs to be more collaboration between security agencies and organisations so that emerging threats can be countered.
