The Defender's Advantage Podcast AI Tools and Sentiment Within the Underground Cyber Crime Community
Aug 18, 2025
Michelle Cantos, a Senior Analyst at Google Threat Intelligence Group, dives into the dark world of underground cybercrime. She reveals how deepfake technology is exploited for creation and monetization, shedding light on the complex landscape of illicit AI tools. The podcast discusses how threat actors leverage customized AI models, transforming conventional crime into sophisticated operations. Additionally, Cantos explores customer reviews in these marketplaces, highlighting the duality of satisfaction and deception among cybercriminals.
AI Snips
Chapters
Transcript
Episode notes
Underground Markets Mirror Legitimate AI Ecosystems
- Underground forums mirror legitimate marketing and discussion patterns around AI tools and services.
- Threat actors treat AI as a transformative, commonplace force multiplier across the attack lifecycle.
No-Log, Uncensored Tools Attract Malicious Use
- Illicit AI offerings often advertise uncensored outputs and no data retention as selling points.
- These features differentiate them from legitimate models and appeal to malicious actors seeking deniability.
Watch For Integrated 'All‑In' Illicit Tools
- Expect many underground AI tools to bundle multiple capabilities into one 'all-in' service.
- Monitor for Swiss-army-knife offerings that combine LLMs, deepfake generators, and intrusion utilities when assessing risk.