Cynthia Kaiser’s warning at Infosecurity Europe
“It’s scary to look at some of the most powerful people in the world and see the fear in their eyes and know that’s because of what people are doing at keyboards thousands of miles away,” Cynthia Kaiser, SVP Ransomware Research Center at Halcyon and a former FBI deputy cyber director and White House advisor, told attendees at Infosecurity Europe on 2 June. Kaiser said her time in government made her realize that tackling cyber threats is the “national security challenge of our lifetime.”
How Halcyon mapped the surge
Kaiser and her Halcyon team performed a focused analysis to measure the scale and nature of AI tooling in the underground. They reviewed 4,000 entries across 77 Telegram channels, 20 dark web forums and five specialized underground markets. The team found rapid growth in mentions of AI-powered technology — the December-to-February rise noted above — and catalogued features of the offerings that point to a professionalized marketplace: automated distribution, freemium options and tiered pricing.
What cybercriminals are selling
Halcyon grouped the offerings into four clear categories:
- Weaponized LLMs: AI models secretly retrained or hacked to remove “rules and safety limits,” or new models built from scratch, with WormGPT cited as an example.
- AI-enabled identity fraud: Voice and video deepfakes for business email compromise (BEC), KYC bypass and defeating selfie-check recognition systems; Kaiser noted some tools can be trained on as little as three seconds of audio and presented an example that claims a 92% success rate at bypassing KYC platforms.
- AI-augmented malware and infrastructure: Tools that support live operations, such as an AI-powered call center trained on over 150,000 calls, offering 25 languages and even producing ambient call-center background noise to reassure victims.
- Jailbroken and stolen AI services: The majority of dark web offerings and the cheapest, with stolen ChatGPT accounts retailing at about 10 cents; Kaiser said there is a “highly organized and active cybercrime community offering jailbroken AI.”
Market mechanics: freemium distribution, Telegram bots and redundancy
Kaiser described how sellers have lowered financial barriers and automated sales. Freemium models make entry “virtually zero,” while Telegram bot-driven distribution automates sales, customer service, notifications and order tracking, functioning as “unmanned storefronts.” The underground ecosystem also layers redundancy across channels. “If a paid tier is disrupted, the free tier continues to distribute. If a website goes down, the Telegram bot continues,” Kaiser said. “If the Telegram channel is banned, the forum thread persists, and if the forum is seized the website survives. Each channel is a backup for the others.”
Operational responses: rapid detection, verification redesign and partnerships
Kaiser urged defenders to prepare along four fronts. Organizations should be ready for a surge of low-capability actors that create volume and fatigue as well as continuous pressure from sophisticated groups. She said society must “reorient” around phone calls as a primary attack vector, redesigning verification protocols accordingly. Rapidly accelerated attacks demand “AI-based behavioral protection, and automated isolation, token revocation, and disabling of credentials.” Finally, Kaiser framed part of the solution as policy and partnership: “This is really a policy and partnership problem as much as it is a technical one,” she said, calling for coordination between defenders, model providers, payment processors and hosting infrastructure.
What this means for technologists, policymakers, and end users
- Technologists and security teams should watch for AI-driven volume attacks and prioritize behavioral protections and automated isolation capabilities to stop rapid compromise.
- Policymakers and model makers need to engage on disruption and resilience: Kaiser said effective disruption requires coordination among model providers, payment processors and hosting infrastructure.
- End users and organizations that rely on KYC and voice verification should assume these controls are under active assault — Kaiser highlighted tools claiming high success rates at bypassing KYC and deepfake capabilities that can be trained on seconds of audio.
“The good news is that the same intelligence work that reveals how these markets operate also reveals where they’re vulnerable,” Kaiser concluded. Law enforcement disruption and financial pressure, she said, “can cause real friction.” For defenders who observe what attackers are buying, building and doing, that friction can translate into a meaningful and actionable advantage.
https://www.infosecurity-magazine.com/news/cybercrime-ai-tools-surge-3800/




