Incident 1015: Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

Description: Xanthorox AI is a malicious, modular AI system released on darknet forums in early 2025. Designed from scratch for offensive cyber operations, it runs on private infrastructure and includes models for code generation, phishing, malware, social engineering, and real-time voice/image input. Its release represents a deliberate deployment of an autonomous attack platform.
Editor Notes: At present we are unaware of any incident involving Xanthorox, but its release, capabilities, indicated purpose, and wide availability lead us to believe that the absence of current evidence is more the result of inadequate time or reporting and less the absence of past or imminent harm. If and when the first harm event occurs (i.e., "incident") we will add its reports to this incident ID. You can subscribe to this incident number to receive an email notification should that occur.

Tools

New ReportNew ReportNew ResponseNew ResponseDiscoverDiscoverView HistoryView History

Incident Stats

Incident ID
1015
Report Count
3
Incident Date
2025-04-07
Editors
Daniel Atherton
Xanthorox AI – The Next Generation of Malicious AI Threats Emerges
slashnext.com · 2025

The Next Evolution in Black-Hat AI

A new player has entered the cybercrime AI landscape -- Xanthorox AI, a malicious tool that brands itself as the "Killer of WormGPT and all EvilGPT variants." 

First spotted in late Q1 2025, Xanthorox bega…

Darknet’s Xanthorox AI Offers Customizable Tools for Hackers
infosecurity-magazine.com · 2025

A self-contained AI system engineered for offensive cyber operations, Xanthorox AI, has surfaced on darknet forums and encrypted channels.

Introduced in late Q1 2025, it marks a shift in the threat landscape with its autonomous, modular str…

Xanthorox AI: A New Breed of Malicious AI Threat Hits the Darknet
esecurityplanet.com · 2025

A new and dangerous AI-powered hacking tool is making waves across the cybercrime underworld --- and experts say it could change the way digital attacks are launched.

Called Xanthorox AI, the tool was first spotted earlier this year on dark…

Variants

A "variant" is an incident that shares the same causative factors, produces similar harms, and involves the same intelligent systems as a known AI incident. Rather than index variants as entirely separate incidents, we list variations of incidents under the first similar incident submitted to the database. Unlike other submission types to the incident database, variants are not required to have reporting in evidence external to the Incident Database. Learn more from the research paper.

Similar Incidents

By textual similarity

Did our AI mess up? Flag the unrelated incidents

Wikipedia Vandalism Prevention Bot Loop

Wikipedia Vandalism Prevention Bot Loop

· 6 reports
Hackers Break Apple Face ID

Hackers Break Apple Face ID

· 24 reports
Game AI System Produces Imbalanced Game

Game AI System Produces Imbalanced Game

· 11 reports
Previous IncidentNext Incident