Cybercriminals complain about AI slop flooding their forums as study reveals limited impact

Cybercriminals Are Complaining About AI Slop Flooding Their Forums

The complaint sounds familiar. "I'm disappointed that you are working to incorporate AI garbage into the site," one annoyed person, posting anonymously, said in an online message. "No-one is asking for this -- we want you to improve the site, stop charging for new features." Only, this is not a regular internet user moaning about AI being forced into their favorite app. Instead, they are complaining about a cybercrime forum's plans to introduce more generative AI. Like millions of others, scammers, grifters, and low-level hackers are getting annoyed about AI encroaching into their lives and the rise of low-quality AI slop being posted in their online communities. "People don't like it," says Ben Collier, a security researcher and senior lecturer at the University of Edinburgh. As part of a recent study into how low-level cybercriminals are using AI, Collier and fellow researchers spotted an increasing pushback over the use of generative AI in underground cybercrime forums and hacking groups. During the generative AI boom and hype cycles of the past couple of years, some people posting on hacking forums have moved from being positive about how AI can help hacking to a greater skepticism about the technology, according to the study, which also involved researchers from the University of Cambridge and the University of Strathclyde. The researchers analyzed 97,895 AI-related conversations on cybercrime forums since the launch of ChatGPT in 2022 until the end of last year. They found complaints about people dumping "bullet-pointed explainers" of basic cybersecurity concepts, moaning about the number of low quality posts, and concerns about Google's AI search overviews driving down the number of visitors to the forums. For decades cybercrime message boards and marketplaces, often Russian in origin, have allowed scammers to do business together. They are places where stolen data can be traded, hacking jobs are advertised, and fraudsters shitpost about their rivals. While scammers often try to scam each other, the forums also have a sense of community. For example, users build up reputations for being reliable, and forum owners hold writing competitions. "These are essentially social spaces. They really hate other people using [AI] on the forums," Collier says. He says the social dynamic of the groups can be messed up by potential cybercriminals trying to gain a better reputation by posting AI-generated hacking explainers. "I think a lot of them are a bit ambivalent about AI because it undermines their claim to be a skilled person." Posts reviewed by WIRED on Hack Forums, a self-styled space for those interested in talking about hacking and sharing techniques, show an irritation caused by people creating posts with AI. "I see a lot of members using AI for making their threads/posts and it pisses me off since they don't even take the time to write a simple sentence or two," one poster wrote. Another put it more bluntly: "Stop posting AI shit." In several instances, Collier says, users of multiple forums appear to be irritated by AI posts as they want to make friends. "If I wanted to talk to an AI chatbot, there are many websites for me to do so ... I come here for human interaction," one post cited in the research says. Since ChatGPT emerged toward the end of 2022, there has been significant interest in AI-hacking capabilities and how the technology can transform online crime. Both sophisticated hackers and those less capable have been trying to use AI in their attacks. While some organized fraudsters have boosted their operations with ever-more realistic AI face-swapping technology and social engineering messages translated using AI, a lot of attention has been on generative AI's capabilities to write malicious code and discover vulnerabilities.

Scammers Furious That Their Fellow Criminals Are Using AI, Saying It's Unethical

Can't-miss innovations from the bleeding edge of science and tech The AI sloppification of the internet comes for us all, even the petty scammers and fraudsters doing business in the darker corners of the web. As a yet-to-be-peer-reviewed study found, old-world internet scammers are getting frustrated as their favorite cybercrime forums turn to generative AI, much the same way Amazon or Reddit have degraded their own sites with the tech -- which, you have to admit, is pretty rich coming from a bunch of professional scammers. The study, first covered by Wired, found little evidence that AI tools are fundamentally reshaping the world of cybercrime, contradicting more alarmist warnings that the tools are fueling a novel epidemic of scam and fraud. At the upper echelons of the cybercrime world, large-scale criminal enterprises are largely using the tools for boring tasks like checking errors and probing Google for solutions to coding problems. Among smaller operations, however -- scams run by low-skill cybercriminals, as the researchers characterize them -- researchers identified a growing disgust with generative AI for any purpose, with criminals choosing instead to double-down on time-honored social connections and ancient attack scripts. "People don't like it," security researcher and senior lecturer at the University of Edinburgh Ben Collier told Wired. Collier, a coauthor of the study, notes that low-level hackers operating on cybercrime forums accessed via the Tor network -- commonly sensationalized as the "Dark Web" -- still prize organic connections and social dynamics over AI. "These are essentially social spaces. They really hate other people using [AI] on the forums," Collier explained. "I think a lot of them are a bit ambivalent about AI because it undermines their claim to be a skilled person." Sure enough, posts reviewed by Wired on Hack Forums (HF), a venerable social hub for hackers established back in 2007, were ripe with derision. "Stop posting AI s**t," one poster groused. Others referenced this sense of community directly in their moral appeals: "If I wanted to talk to an AI chatbot, there are many websites for me to do so, but that's not why I come to [HF]. I come here for human interaction," an anonymous user wrote in one post referenced in the research paper. "Forums are inherently human. Introducing some AI or otherwise generated replies just defeats the complete purpose of visiting and/or maintaining a such a forum." In addition to the social aspect, the researchers identified a general mistrust with AI's output. "I think AI isn't good enough to handle the kind of volume of code I would be flashing through it and asking it to expand on features," another user wrote in 2025. "AI can only still do the basics. It does them pretty good though. But I would not trust anything beyond my own supervision, and copy and paste from it only." This is not to say AI use isn't rampant among certain rungs of the cybercriminal world. As the researchers note, positive mentions of AI are most prevalent among discussions of passive "get-rich-quick schemes," like AI SEO spam or OnlyFans fraud. So while some mainstream news headlines might paint a horrifying picture of AI-enabled crime, there's plenty of nuance worth digging into -- cybercriminals are still humans, after all.

Cybercrime Might Be the One Job AI Isn't Taking, Study Suggests - Decrypt

The biggest measurable AI-driven crime is not hacking. It is mass-produced SEO spam, romance scams, and AI-generated nudes sold for a dollar each. For three years, cybersecurity firms, governments, and AI labs have warned that generative AI would unleash a new generation of supercharged hackers. According to a new academic paper that actually went and looked, the supercharged hackers are mostly using ChatGPT to write spam and generate nudes for fun. The study, titled Stand-Alone Complex or Vibercrime?, was published on arXiv by researchers from Cambridge and other universities and aims to understand how the cybercrime underground is actually adopting AI, not how cybersecurity vendors say it is. "We present here one of the first attempts at a mixed-methods empirical study of early patterns of GenAI adoption in the cybercrime underground," researchers wrote. The team analyzed 97,895 forum threads posted after ChatGPT launched in November 2022, drawn from the Cambridge Cybercrime Centre's CrimeBB dataset of underground and dark web forums. They ran topic models, manually read more than 3,200 threads, and ethnographically immersed themselves in the scene. The conclusion is unflattering for the AI doom community: 97.3% of threads in the sample were classified as "other," meaning not actually about using AI for crime at all. Only 1.9% involved someone using vibe coding tools. Remember WormGPT, FraudGPT, and the wave of supposedly malicious chatbots that flooded headlines in 2023? The forum data tells a different story. Most posts about "Dark AI" products, the researchers found, were people begging for free access, idle speculation, and complaints that the tools didn't actually work. One developer of a popular Dark AI service eventually admitted to forum members that the product was a marketing exercise. "At the end of the day, [CybercrimeAI] is nothing more than an unrestricted ChatGPT," the developer wrote, before the project shut down. "Anyone on the Internet can use a well-known jailbreak technique and achieve the same, if not better, results." By late 2024, the researchers say, jailbreaks for mainstream models had become disposable. Most stop working in a week or less. Open-source models can be jailbroken indefinitely, but they are slow, resource-heavy, and frozen in time. "Guardrails for AI systems are proving both useful and effective," the authors conclude, in what they themselves call a counterintuitive finding for a critical paper. The paper directly addresses Anthropic's widely-covered August 2025 report claiming Claude Code had been used to run a "vibe hacking" extortion campaign against 17 organizations. The Cambridge team's data simply does not show that pattern in the wider underground. In the forums they studied, AI coding assistants are being used the same way mainstream developers use them: as autocomplete and Stack Overflow replacements for already-skilled coders. Low-skill actors stick with pre-made scripts, because pre-made scripts work. The researchers found that even hackers don't trust their vibe coded hacking tools. "AI-assisted coding is a double-edged sword. It will speed up development but also amplifies risks such as insecure code and supply chain vulnerabilities," one user said in a forum monitored by researchers. Another warned about long-term skill loss: "It's clear now that using AI for code causes a very fast negative degradation of your skills," a hacker wrote in a forum, "If your goal is just to turn out SaaS scams and you don't care about code quality/security/performance it can be viable to vibe code. (Also seems viable for phishing)." This stands in stark contrast to alarmist forecasts from Europol, which warned in 2025 that fully autonomous AI could one day control criminal networks. The disruption, when it shows up, is at the bottom of the food chain. SEO scammers are using LLMs to mass-produce blog spam to chase declining ad revenue. Romance fraudsters and eWhoring operators are bolting on voice cloning and image generation. Get-rich-quick hustlers are churning out AI-written eBooks to sell for $20 a pop. The most disturbing market the researchers found involved nude image generation services. One operator advertised: "I'm able to make any girl nude with an AI... 1 Picture = $1, 10 Pictures = $8, 50 Pictures = $40, 90 Pictures $75." None of this is sophisticated cybercrime. It is the same low-margin, high-volume hustle that powered the spam industry for two decades, now running on slightly better tools. The researchers' closing observation is the most pointed one. The biggest way AI ends up disrupting the cybercrime ecosystem, they suggest, may not be by making criminals more capable. It may be by pushing laid-off developers from legitimate tech into the underground looking for work. "In recent months anxiety over labour market disruption from these tools is increasing precipitously," the paper reads. "This may end up being the most important way in which generative AI tools disrupt the cybercrime ecosystem -- mass layoffs, economic downturn and a cool job market pushing legitimate, more skilled developers into the underground communities of get rich quick schemes, fraud, and cybercrime."

Cybercriminals gave AI a go -- and came away disappointed, study finds

New research from the University of Edinburgh found that hackers had little success in using AI tools in their work, either directly in their scams or in developing more effective tools. Cybercriminals are having a hard time incorporating artificial intelligence (AI) in their work, a new analysis found. A new pre-print study from the University of Edinburgh analysed over 100 million forum posts from cyber criminals using the database CrimeBB, which scrapes data from underground forums. The data was analysed both manually and by using a large language model (LLM). While cybercriminals have expressed interest in learning how to use AI tools, the technology has not significantly changed their way of "working," the study found. "Many of the reviews and discussions describe [AI] tools as not particularly useful," the study reads. Researchers found "no significant evidence" that hackers had any success using AI in improving their hacking activity, either as a learning aid or in developing more effective tools. AI coding assistants are mostly useful for those who are already skilled at coding, so AI models that offer coding help fail to give them any significant "bump" when trying to break into devices or find security workarounds, the study added. "You've gotta first learn the ropes of programming by yourself before you can use AI and ACTUALLY benefit from it," one post quoted by the study reads. The main impact AI has had so far on less-than-legal online activity is in easy-to-automate areas, such as social media bot creation, some romance scams and search engine optimisation (SEO) fraud, or the creation of fake websites that get pushed up in search result rankings to make money from advertising. Reviews suggest that even the most experienced hackers use chatbots to answer coding questions or generate "cheatsheets" to help them code. The AI that actually has been falls under "mainstream and legitimate products," such as Anthropic's Claude or OpenAI's Codex, rather than specific cybercrime-specific AI models such as WormGPT that hackers designed to produce malware code or phishing emails Many of the posts analysed by the study are about cyber criminals asking for techniques to bypass the security regulations on those mainstream models, but they seem to have a hard time getting the AI systems to override their safety settings. Instead, cyber criminals are forced to pivot to older, lower quality open-source AI models that are easier to jailbreak. They tend to be less useful and "require significant resources," the researchers found. Their study suggests that the guardrails put in place by AI companies are working -- so far.