Cyber criminal networks
Incidents involved as Deployer
Incident 10375 Report
Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge
2025-04-16
Between April 2024 and April 2025, Microsoft reportedly blocked 1.6 million bot signups per hour and disrupted $4 billion in fraud attempts linked to AI-enhanced scams. The company's Cyber Signals report details how generative AI is being used to fabricate realistic e-commerce sites, job offers, customer service bots, and phishing lures. Fraud actors now automate mass-deceptive campaigns with fake reviews, deepfakes, and cloned brand domains at unprecedented scale and speed.
MoreIncident 10153 Report
Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform
2025-04-07
Xanthorox AI is a malicious, modular AI system released on darknet forums in early 2025. Designed from scratch for offensive cyber operations, it runs on private infrastructure and includes models for code generation, phishing, malware, social engineering, and real-time voice/image input. Its release represents a deliberate deployment of an autonomous attack platform.
MoreIncident 10162 Report
Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security
2025-04-09
The generative AI platform Lovable, which is used for building web apps, was reportedly jailbroken to create and host full phishing campaigns. These campaigns allegedly included credential-harvesting login pages, evasion techniques, and real-time exfiltration via services like Telegram and Firebase. The AI system was reportedly used for generating the phishing content and and then deploying it live on a URL hosted under its own subdomain.
More