For years, the cybersecurity world has been buzzing with fears that generative AI would unleash a new wave of super-hackers, capable of sophisticated cyberattacks beyond our wildest nightmares. But a groundbreaking academic paper, which actually dug into the cybercrime underground, suggests this ‘AI Hacking Hype’ is, for real, mostly just that: hype. Instead of masterminds orchestrating complex digital heists with AI, the reality is far less cinematic, with AI predominantly enabling low-level fraud and spam.
This deep dive, titled ‘Stand-Alone Complex or Vibercrime?’ by researchers from Cambridge and other prominent universities, offers a refreshing dose of reality. They sifted through nearly 100,000 forum threads from the cybercrime underground, posted after ChatGPT dropped, to understand how these folks are *actually* using AI. The findings are pretty eye-opening, challenging the narrative pushed by many security vendors and government agencies who predicted a scary AI-driven crime surge.
Remember all the buzz around ‘Dark AI’ tools like WormGPT and FraudGPT that made headlines last year? Well, according to this study, those were mostly a bust. Forum discussions showed users begging for access, speculating idly, or flat-out complaining that these supposed super-tools didn’t deliver. Turns out, many were just marketing stunts, with one developer admitting their product was ‘nothing more than an unrestricted ChatGPT,’ which you could jailbreak yourself for free. Talk about a letdown for the bad guys.
The study also highlighted the significant effort by mainstream AI developers to implement robust guardrails. By late 2024, jailbreaks—the clever prompts criminals use to bypass AI restrictions—were becoming seriously disposable, often lasting less than a week. While open-source models *can* be jailbroken indefinitely, they come with their own set of headaches: slow performance, heavy resource demands, and often outdated capabilities. So, the legitimate AI safety measures are proving surprisingly effective, which is a pretty dope outcome, no cap.
Furthermore, the notion of ‘vibe hacking,’ where AI is supposedly used to extort organizations with advanced social engineering, didn’t really show up in the forums. Instead, cybercriminals are using AI coding assistants much like legitimate developers do: as glorified autocomplete or Stack Overflow replacements. This means only already-skilled coders benefit, boosting their efficiency rather than turning novices into master hackers. Low-skill actors, meanwhile, still prefer tried-and-true pre-made scripts because, let’s be honest, they just work and don’t come with ‘sketchy’ AI code that might backfire.
In fact, many hackers themselves expressed a legit distrust of AI-generated code. They voiced concerns about insecure code and supply chain vulnerabilities, understanding that while AI might speed things up, it could also introduce new risks. One forum user even warned that relying too heavily on AI for coding could lead to ‘negative degradation of your skills,’ a sentiment that hits different when you consider the potential long-term impact on a hacker’s craft.
So, where *is* AI actually making waves in the criminal underworld? At the bottom of the food chain, where low-margin, high-volume hustles thrive. Think SEO scammers cranking out mass-produced blog spam, romance fraudsters leveraging voice cloning, and ‘eWhoring’ operators using image generation to create fake nudes sold for a buck a pop. It’s the same old grind that powered the spam industry for decades, just with slightly upgraded, but still basic, tools.
The most profound observation from the researchers suggests that AI’s biggest disruption to cybercrime might not be by making criminals smarter, but by potentially expanding their ranks. As AI continues to automate tasks in legitimate tech industries, the specter of mass layoffs could push skilled developers—folks who are straight up on point with their coding knowledge—into the underground, looking for work in get-rich-quick schemes, fraud, and other illicit ventures. Now *that’s* a thought that’s a little unsettling, for real.
If you enjoyed this article, share it with your friends or leave us a comment!
Darius Zerin specializes in business strategy, entrepreneurship, and market trends. He covers everything from startups to global finance, offering practical insights and forward-thinking analysis. His writing is designed to help readers stay ahead in a constantly evolving economic landscape.
