Cybercriminal forums are shifting from speculating about generative AI to actively building around it, according to new research from Sophos X-Ops, the threat intelligence arm of cybersecurity firm Sophos. While the research has not confirmed AI-augmented attacks in the wild, it documents underground communities forming AI knowledge-sharing channels, recruiting prompt engineers, and advertising AI-branded tools and malware.
The findings land as Singapore’s own security teams watch the same trend. The Cyber Security Agency of Singapore has flagged AI-enabled scams and social engineering as an emerging concern, as generative AI tools become more accessible to both legitimate businesses and threat actors operating in the region.
An AI knowledge economy taking shape underground
Sophos X-Ops researchers observed dedicated AI and machine-learning channels forming across dark web and Telegram-based cybercrime communities, complete with shared prompt templates, jailbreak techniques, and workarounds for accessing public AI tools. Multiple established forum personas — some with years of posting history and reputations built on recruiting coders and social engineers — have begun advertising specifically for AI prompt engineers, suggesting AI expertise is becoming a tradeable specialist skill within criminal marketplaces.
Forum posts also point to generative AI being folded into existing fraud and intrusion workflows: overcoming language barriers, maintaining consistent personas across conversations, and scaling out lures across email, SMS, messaging apps and voice channels. Sophos researchers noted advertisements for AI-generated voice bots built for vishing and call-based fraud.
Claims outpace confirmed capability
Sophos X-Ops was careful to distinguish observed activity from verified capability. Researchers have not validated many of the tools and services marketed as “AI-led” or “AI-enabled” on underground marketplaces, and the report frames much of the AI branding as marketing — a way for forum personas to build reputation and attract buyers, whether or not the underlying claims hold up.
There is also friction within these communities: some personas worry AI will erode demand for manual criminal services such as malware development and scripting, while others openly dismiss AI tools and encourage reliance on human skill instead.
What the research means for defenders
Sophos X-Ops’s central message to enterprise security teams is preparation over panic. Even without confirmed AI-augmented attacks, the firm argues that AI is likely to accelerate familiar attack patterns rather than invent new ones — making foundational controls such as timely patching, multi-factor authentication and passkey adoption more important, not less.
For Singapore-based security teams already navigating CSA’s guidance on AI-enabled threats, the research adds weight to the case for treating generative AI as a capability multiplier for existing threat types, rather than an entirely new attack category requiring a separate playbook.



Share your thoughts