Full Report
Five Eyes intel alliance has created a team to target these scum who prey on kids Australia’s Federal Police (AFP) is working on an AI to interpret emojis and the slang used online by Generation Z and Generation Alpha, so it can understand them when they discuss crime online.…
Analysis Summary
# Tool/Technique: AI for Emoji and Slang Interpretation
## Overview
This is a prototype Artificial Intelligence (AI) tool being developed by the Australian Federal Police (AFP) and the Five Eyes Law Enforcement Group. Its primary purpose is to interpret and understand the specialized digital communication, specifically emojis and Generation Z/Alpha slang, used by organized criminal networks and "crimefluencers" discussing illicit activities in encrypted communications and chat groups.
## Technical Details
- Type: Tool (Internal Development)
- Platform: Undisclosed (Implied: Encrypted communication platforms, chat groups)
- Capabilities: Interpretation of evolving digital vernacular (emojis and slang) to detect discussions related to criminal activities, potentially including sadistic exploitation, cyber-attacks, and violence.
- First Seen: Mentioned in reference to a speech on Wednesday, October 29, 2025 (based on article date context).
## MITRE ATT&CK Mapping
Since this is a defensive/investigative tool, direct offensive mappings are limited. However, its development targets adversaries using these communications.
- **TA0001 - Initial Access** (For adversaries trying to use these channels)
- T1071 - Application Layer Protocol (Adversaries communicate over platforms)
- **TA0011 - Command and Control** (If adversaries use these coded messages for C2)
- T1071.001 - Application Layer Protocol: Web Protocols (If communication occurs over standard web-based encrypted chat)
- **TA0007 - Discovery** (Adversaries researching victim profiles/planning)
- **TA0008 - Credential Access** (If communication reveals password clues)
*Note: The AI fundamentally operates within the **T1560 - Archive Collected Data** and **T1020 - Automated Collection** space for defensive analysis, focusing on understanding obfuscated data.*
## Functionality
### Core Capabilities
- Interpreting modern, evolving slang utilized by younger demographics (Gen Z and Gen Alpha) in online discourse.
- Decoding the contextual meaning of emojis used to reference criminal acts (e.g., exploitation, violence).
### Advanced Features
- Analysis of communications within *encrypted* environments.
- Profiling decentralized online crime networks and loosely affiliated individuals who glorify crime.
- Identifying indicators relating to recruitment processes where passage of initiation tasks (like providing gory content) is required for status advancement ("gamification" of depravity).
## Indicators of Compromise
This section relates to the *output* of the tool (i.e., what the AI flags), rather than IoCs for the AI itself.
- File Hashes: N/A (Tool specific)
- File Names: N/A (Tool specific)
- Registry Keys: N/A (Tool specific)
- Network Indicators: Patterns/phrases/emoji sequences flagged in encrypted chat logs.
- Behavioral Indicators: Usage of known criminal slang/emoji combinations in private or group chats; frequent communication between suspected "crimefluencers."
## Associated Threat Actors
- Decentralized online crime networks.
- Loosely affiliated individuals exhibiting violent extremism, nihilism, sadism, Nazism, and Satanism.
- "Crimefluencers" whose activities span sadistic online exploitation, cyber-attacks, and violence primarily targeting pre-teen or teenage girls.
## Detection Methods
The detection methods described focus on recognizing the content the AI is designed to translate:
- **Signature-based detection:** Developing digital signatures for known slang terms and emoji sequences used by these groups.
- **Behavioral detection:** Identifying patterns of communication indicative of recruitment, status advancement through sharing illicit content, or planning acts of violence/exploitation.
- **YARA rules:** Potentially applicable for scanning chat logs or stored communications for known codified language variants once deciphered.
## Mitigation Strategies
The AI tool itself is a mitigation strategy aimed at intelligence gathering and disruption.
- **Prevention measures:** Early identification of communication patterns used for recruitment and radicalization.
- **Hardening recommendations:** Law enforcement training to recognize evolving digital communication patterns to preemptively disrupt plots (including school shooting threats linked to extremist ideologies flagged via social media).
## Related Tools/Techniques
- **Natural Language Processing (NLP):** The underlying technology used to process and understand human language structure.
- **Culturally Specific Translation Models:** AI models specifically trained on modern, ephemeral, or subculture-specific linguistic markers that traditional NLP might miss.
- **Open Source Intelligence (OSINT) derived interpretation tools.**