The barriers keeping cybercriminals from adopting AI — restricted access, high costs and little incentive to change tactics — are starting to fall, researchers tell Axios.Why it matters: The trend is opening the door to more AI-assisted attacks.The big picture: Three trends are converging.Open-weight AI models are approaching the cyber capabilities of OpenAI's, Anthropic's and Google's models, giving attackers more options outside of monitored services.Underground marketplaces now sell jailbroken models, custom models and AI-powered hacking services.Hackers are getting more comfortable weaving AI into existing workflows rather than trying to automate an attack from scratch.Driving the news: A string of reports over the past two weeks suggests cybercriminals are moving beyond AI experiments and starting to use the tools in the real world.In the recent JadePuffer attack, a single hacker used AI agents to automate most of a ransomware attack, including writing exploit code, stealing data and negotiating with the victim, per cloud security company Sysdig. In another case, a lone hacker used AI to execute multiple well-known cloud attack tactics — compressing a cyberattack that would've normally taken weeks into just 72 hours, according to Sygnia research. Researchers at Elastic uncovered a bank fraud scheme last week targeting Mexico-based financial organizations. The attack relied, in part, on AI-generated malware.What they're saying: "They're willing to take shots at a goal that historically they might not have gone after," Conor Sherman, global chief information security officer at Sysdig, tells Axios. Sherman adds that AI is giving individual attackers far more leverage.Zoom in: The AI agent in the JadePuffer attack rewrote exploit code in 31 seconds before continuing the attack."Someone else with no ransomware skills whatsoever could potentially do this same kind of operation," Crystal Morin, a senior cybersecurity specialist at Sysdig, tells Axios. Reality check: Researchers say many early AI-assisted attacks still reveal basic mistakes, including exposed servers, poorly hidden attacker activity and prompts left behind in malware.Aaron Walton, senior threat intelligence analyst at Expel, tells Axios that the JadePuffer case that Sysdig uncovered included a few questionable details, such as a bitcoin address that may have been hallucinated and the failure to encrypt the victim's data so it could be recovered. Between the lines: Just like cyber defenders, malicious hackers have been growing more comfortable with experimenting with AI — especially as models' cyber capabilities improve, experts tell Axios. Hacker forums regularly feature discussions comparing which models are best, trading jailbreak techniques and sharing strategies for writing prompts, Walton says.Underground marketplaces sell jailbroken frontier models, homegrown AI models and tools designed to make sophisticated attacks easier to launch, Meredith Burkart, senior director of government affairs and public policy at Halcyon, tells Axios. The intrigue: While open-source models have also reignited fears about hackers automating and scaling their attacks, hackers are still more likely to use Claude and ChatGPT since open-source models still require significant technical expertise and computing resources, Walton says.What's next: Experts say defenders still have time to prepare for AI-accelerated attacks, but the window is shrinking as AI becomes easier for attackers to use."Don't panic," Burkart says. "Just get started, one little thing at a time. It's all that you can do."
The biggest barriers to AI-powered cybercrime are disappearing
Three trends are opening the door to more AI-assisted attacks.









