World Tech

AI Disinformation in Underground Forums: The New Face of Deception

AI Disinformation in Underground Forums - New Face of Deception

Since the earliest days of cybersecurity, corporate security teams have relied on identifying clear, binary indicators of a threat. Security teams have scoured the dark web looking for leaked passwords and stolen databases. They have kept an eye out for malicious code. But the dark web and its purveyors have evolved.

Today, there is a new face of deception working in the shadows, and that face might just be your company’s CEO!

Some of the most dangerous modern corporate threats look nothing like computer code. They are more likely to be presented as videos or emails, allegedly from company officers, authorizing some sort of harmful action – like an emergency wire transfer. And these new ways of deceiving are becoming increasingly sophisticated thanks to AI.

The Weaponization of the Deepfake

The Weaponization of the Deepfake

Source: csis.org

AI can do some truly amazing things. Unfortunately, hackers and cybercriminals are more than happy to take advantage of what it offers. They are weaponizing deepfakes and automated disinformation campaigns at scale.

What does this mean for security teams? They are being forced to shift their defensive strategies toward open-source intelligence (OSINT) tools and dedicated OSINT threat intelligence practices.

How the AI Threat Landscape Has Evolved

Just as hackers and cybercriminals have evolved over the years, so has the AI threat landscape. In the earliest days of AI, spotting a deepfake or automated smear campaign was relatively easy. For example, consider a faked video of a corporate CEO. Back then, AI videos depicted people who would blink unnaturally or not at all.

As AI has gotten better, the videos and text it produces are becoming harder to spot. But it gets worse. Modern threat actors now use customized, malicious AI models to create flawless audio and video clones. It only takes minutes to generate highly convincing media that can be leveraged for corporate espionage, a smear campaign, or other nefarious purposes.

Source: drlogic.com

Two of the biggest threats corporations currently face are:

  • Executive Impersonation – Executive voices and images are being cloned to bypass identity verification, opening the door to fraudulent financial transactions or disclosing sensitive information.
  • Brand Sabotage – Highly convincing whistleblower allegations, news reports, etc. can be crafted with little effort and then used to inflict reputational damage and financial loss.

The challenge for corporate security teams is to learn how to spot AI threats before they do significant damage. It is not easy, and DarkOwl says success usually lies in a heavy dose of OSINT threat intelligence.

The OSINT Role

Hoping to detect an AI deepfake after it has been released on mainstream social media platforms is a terrible strategy. By the time a video has gone viral, the damage has already been done. So the best strategy for security teams is to try to identify AI campaigns while they are still in the planning stages.


This is where DarkOwl says OSINT tools and threat intelligence prove invaluable. It’s invaluable because hackers do not deploy their sophisticated campaigns in a vacuum. They collaborate. They trade resources, test their synthetic media, and share success stories.

By deploying OSINT threat intelligence across standard internet sites, dark web destinations, and encrypted chat applications, skilled cybersecurity analysts can pick up clues indicating that an AI-generated attack is on the way. Steps can then be taken to stop the attack before it begins.

The dark web and its threat actors continue to evolve. AI now plays a much greater role in how they operate. If corporate security hopes to keep up, it must come to terms with how AI is being used to spread disinformation, sabotage brands, and steal financial resources.

Most Popular

To Top