Full Report
Group-IB says crims forking out for Dark LLMs, deepfakes, and more at subscription prices Cybercrime has entered its AI era, with criminals now using weaponized language models and deepfakes as cheap, off-the-shelf infrastructure rather than experimental tools, according to researchers at Group-IB.…
Analysis Summary
# Tool/Technique: Dark LLMs
## Overview
Dark LLMs are self-hosted Large Language Models specifically built for facilitating cybercriminal activities such as scams and malware development, explicitly designed to ignore safety rules and operate discreetly, often routed through Tor.
## Technical Details
- Type: Attack Tool (Weaponized Software)
- Platform: Infrastructure supporting LLM deployment (likely cloud/private servers, accessed via Tor/dark web)
- Capabilities: Generating malicious content, assisting in scams, potentially aiding malware creation/reconnaissance.
- First Seen: Information indicates they are actively sold and utilized, with usage escalating since 2019 mentions, reaching a significant market by 2025.
## MITRE ATT&CK Mapping
The core usage of Dark LLMs centers around improving existing malicious processes and social engineering phases.
- **TA0001 - Initial Access**
- T1566 - Phishing
- T1566.001 - Spearphishing Attachment / T1566.002 - Spearphishing Link (LLMs excel at crafting convincing, personalized lures)
- **TA0002 - Execution**
- T1059 - Command and Scripting Interpreter (Potentially aids in scripting complex attacks)
- **TA0012 - Credential Access** (Via highly effective social engineering)
- **TA0011 - Command and Control** (Less direct, but aids in creating C2 communication protocols or obfuscated requests)
## Functionality
### Core Capabilities
- Generating high-quality, persuasive text for scams and social engineering campaigns at scale.
- Operating outside the purview of mainstream LLM safety guardrails.
- Being offered as a subscription service (ShaS) at low monthly costs ($30/month mentioned).
### Advanced Features
- Self-hosting and operating behind Tor for anonymity.
- Designed specifically for malicious intent (scams, malware assistance).
- Used in conjunction with human operators for coaching in scam call centers (synthetic voice support).
## Indicators of Compromise
Since Dark LLMs are infrastructure/service providers rather than endpoint malware, IoCs focus on the infrastructure procuring or using them:
- File Hashes: N/A (Focus is on the service/model)
- File Names: N/A
- Registry Keys: N/A
- Network Indicators: Access points likely routed via **tor[.]onion** services or specific illicit forums on the dark web.
- Behavioral Indicators: Automated generation of large volumes of highly contextualized phishing emails/messages.
## Associated Threat Actors
- Cybercriminals at large utilizing readily available illegal SaaS models.
- Scam call centers leveraging synthetic voices coordinated by LLM coaching.
- Malware developers exploring AI-assisted reconnaissance and persistence (**Early hints**).
## Detection Methods
- Signature-based detection: Limited, as the output mimics legitimate human language/content.
- Behavioral detection: Monitoring for anomalous volumes of personalized social engineering content originating from compromised systems or new infrastructure.
- YARA rules: Not directly applicable to the LLM service itself, but useful for detecting output artifacts if standardized.
## Mitigation Strategies
- **Training:** Comprehensive user awareness training focusing on hyper-personalized phishing and identifying AI-generated communication styles.
- **Verification:** Implementing multi-factor authentication and out-of-band verification methods (e.g., calling a known executive number) for unusual financial or data requests.
- **Infrastructure Monitoring:** Monitoring for unusual traffic patterns associated with suspected dark web access or large-scale automated outreach generation.
## Related Tools/Techniques
- Deepfakes and Impersonation Tools (Used in tandem with Dark LLMs for comprehensive identity theft/fraud.)
- Automated Phishing Frameworks (Dark LLMs revolutionize the content generation phase of these frameworks).
***
# Tool/Technique: Deepfakes and Synthetic Identity Kits
## Overview
Off-the-shelf software and services sold to generate synthetic media—specifically AI-generated faces and voices—used for impersonation, fraud (including deepfake fraud causing hundreds of millions in losses), and potentially bypassing biometric or identity verification measures.
## Technical Details
- Type: Attack Tool (Media Generation Software/Service)
- Platform: Various, designed for creating deployable digital identities.
- Capabilities: Generating realistic synthetic faces and cloneable voices for impersonation.
- First Seen: Sales spiked sharply in 2024 and continued growing through 2025, indicating a rapidly maturing market.
## MITRE ATT&CK Mapping
The primary mapping relates to establishing presence and manipulating personnel.
- **TA0007 - Credential Access**
- T1110 - Brute Force (If used to bypass voice/video biometric checks)
- **TA0008 - Lateral Movement**
- T1078 - Valid Accounts (Using impersonated executive identities)
- **TA0006 - Collection**
- T1189 - Drive-by Compromise (If deepfake social lures result in user action)
- **TA0003 - Persistence** (Establishing a convincing presence that maintains unauthorized access)
## Functionality
### Core Capabilities
- Creating complete synthetic identity kits (face and voice combination).
- Enabling high-value impersonation, such as cloning executive voices for internal corporate fraud.
### Advanced Features
- Enabling deepfake fraud that resulted in verified losses of $347 million in one quarter.
- Facilitating high-volume fraud attempts noted at financial institutions (e.g., 8,000+ attempts flagged over eight months at one bank).
## Indicators of Compromise
- File Hashes: N/A (Focus is on the content generated)
- File Names: N/A
- Registry Keys: N/A
- Network Indicators: Communications potentially related to cloud/GPU resources used for high-rate multimedia generation, though tooling is likely portable.
- Behavioral Indicators: Unnatural pacing or tonal quality in voice calls, visual artifacts in video calls inconsistent with known individuals, use of cloned voices for first contact in fraud attempts.
## Associated Threat Actors
- Cybercriminals focused on high-value financial fraud (Business Email Compromise variants).
- Impersonation actors targeting specific individuals, including corporate executives.
## Detection Methods
- Signature-based detection: Difficult due to the generative nature of the tools.
- Behavioral detection: Analysis of communication anomalies (e.g., unexpected video call initiation, unnatural cadence in synthetic voices).
- Mitigation: Use of digital media forensics tools designed to spot subtle generative artifacts in video and audio.
## Mitigation Strategies
- **Media Forensics:** Deploying detection systems capable of identifying synthetic media artifacts.
- **Policy Enforcement:** Strict no-wire-transfer policies based solely on unverified voice or video requests.
- **Communication Hygiene:** Mandatory secondary, secure channel verification for sensitive instructions.
## Related Tools/Techniques
- Dark LLMs (Often used to script the context or pretext for the deepfake interaction).
- Voice Cloning Technology.
***
*Note: The provided context emphasizes the commoditization and subscription pricing of these AI-enabled cybercrime components, indicating a shift from requiring specialist skills to purchasing readily available "AI as a Service" infrastructure.*