Alleged Deepfake Investment Scam in Spai…

BackReported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

Apr 7, 20253 reportsSeverity: MinorToolHigh confidence

Xanthorox AI, a malicious AI-powered hacking tool designed for offensive cyber operations, was discovered circulating on darknet forums in late Q1 2025, featuring five specialized language models for automated cyberattacks including malware generation, phishing campaigns, and vulnerability exploitation.

Xanthorox AI is a sophisticated AI-powered hacking tool that emerged on darknet forums and encrypted channels in late Q1 2025. The system is marketed as the 'killer of WormGPT and all EvilGPT variants' and represents a significant advancement in malicious AI technology. Unlike previous tools that relied on jailbroken existing AI models, Xanthorox was built from the ground up with five specialized AI models running on private servers controlled by the creators. The system includes Xanthorox Coder for malicious code generation and vulnerability exploitation, Xanthorox Vision for analyzing images and screenshots to extract sensitive data, Xanthorox Reasoner Advanced for social engineering and manipulation, real-time voice interaction capabilities, and a live web scraper that pulls data from over 50 search engines. The tool is designed to enable fully automated cyberattacks including phishing campaigns, ransomware deployment, and malware development. It can operate offline and avoids detection by not relying on public cloud infrastructure or APIs. Cybersecurity firm SlashNext discovered and analyzed the platform, warning that its modular design allows for rapid evolution and makes it difficult for traditional detection tools to counter.

Domain classification, causal taxonomy, severity scores, and national security assessments were LLM-classified and may contain errors.

Risk Domain

4Malicious Actors & Misuse

4.2Cyberattacks, weapon development or use, and mass harm

Using AI systems to develop cyber weapons (e.g., by coding cheaper, more effective malware), develop new or enhance existing weapons (e.g., Lethal Autonomous Weapons or chemical, biological, radiological, nuclear, and high-yield explosives), or use weapons to cause mass harm.

Causal Classification

Entity

Human

Due to a decision or action made by humans

Intent

Intentional

Due to an expected outcome from pursuing a goal

Timing

Post-deployment

Occurring after the AI model has been trained and deployed

Harm Severity Assessment

Highest Score:2 — Minor(Toxic or Malicious Content, direct)

National Security Assessment

Overall Score(4/5)

Stakeholders

Developers: Xanthorox AI Creators, Unknown Black Hat AI Developers
Deployers: Unknown Malicious Actors, Darknet Forum Users, Cyber Criminals, Cyber Criminal Networks
Harmed Parties: Victims Of Phishing Attacks, Victims Of Malware Attacks, Victims Of Automated Cybercrime, General Public, Enterprise IT Systems, Critical Infrastructure Systems

AI System Classification

Primary Purpose: Malware Detection
Secondary Purpose: Code Generation
Behaviour Type: Tool
EU AI Act Risk Level: 1 Unacceptable
Occurrences: 1

Population Impact

No population impact data reported.

External Links

View on AI Incident Database