Trend Micro publishes new research findings on the criminal use of artificial intelligence (AI). According to the findings, AI-powered cybercrime has moved out of the experimental phase and developed a more professional, stable ecosystem, comparable to other established underground markets.

The study Criminal AI in 2025: The Year the Underground Went Pro examines how cybercriminals used AI at the turn of the year. It was based on analyses of underground services, malware samples and ongoing attack campaigns. The results show that criminals are relying less on new methods, but are refining existing techniques, reducing costs and increasingly using reliable tools in areas such as fraud, malware development and deepfake-based crime.

This is the fourth update in Trend Micro's ongoing research series. Earlier reports documented manipulated chatbots, initial deepfake fraud cases and isolated test attacks. In the meantime, these approaches have developed into reproducible services that can be rented, reused and scaled.

David Sancho, Senior Threat Researcher at Trend Micro © Trend Micro

"There is no radical upheaval on the horizon for 2026, but rather a gradual, continuous development," says David Sancho, Senior Threat Researcher at Trend Micro. "We won't see a sudden explosion of AI-driven chaos scenarios. Instead, we are seeing a steady, professional evolution of existing tools. It is precisely this quiet, continuous optimization that makes criminal ecosystems particularly difficult to attack."

The study identifies three key trends:

1. A consolidation of offers in underground forums. While new "unfiltered" AI tools often disappear quickly, services that use jailbreaks and prompt manipulation of established platforms in particular remain.
2. The appearance of the first malware variants that generate or modify malicious code using embedded or external AI queries. These are still of limited use, but point to more adaptable malware.
3. The increasing spread of deepfake technologies such as face swapping or voice cloning, which enable new forms of fraud - from identity misuse to non-consensual synthetic content.

According to Trend Micro, defenders currently still have a head start thanks to AI-supported detection systems, threat intelligence and automated analyses. However, this is shrinking as attackers use the same technologies and often operationalize them more quickly.

The authors see the greatest risk not so much in sudden breakthroughs by the perpetrators, but in the normalization of AI-supported crime. As soon as such tools become cheaper and easier to use, they will spread permanently in the cybercrime ecosystem.

"For companies, this change means that AI-supported attacks must be seen as part of everyday life and no longer as an exception," adds David Sancho. "Deepfake-based fraud, identity misuse and AI-supported malware are no longer marginal phenomena, but risks that must be firmly factored into security strategies, verification processes and incident response planning."

The full study "Criminal AI in 2025: The Year the Underground Went Pro"can be found here.