New Xanthorox AI hacking platform spotted on dark web with modular tools, offline mode, and advanced voice, image, and code-based cyberattack features
A new artificial intelligence (AI) platform for offensive cyber operations, called Xanthorox AI, has been discovered by SlashNext, a cybersecurity firm. Emerging in late Q1 2025, it is reportedly being shared within cybercrime communities on darknet forums and encrypted channels. Xanthorox AI differs from earlier malicious AI tools like WormGPT and FraudGPT due to its unique multi-model framework, consisting of five AI models tailored for specific cyber tasks.
These models operate on private servers controlled by the seller, unlike previous tools that used public cloud services or open APIs. Xanthorox AI is a completely custom-built system, employing its own language models rather than those like LLaMA or Claude. It is designed to be modular, allowing for functions such as code generation, vulnerability exploitation, data analysis, and voice and image processing, thereby enabling automated and interactive attacks.
The platform facilitates online searches via more than 50 engines for up-to-date information and offers offline use to avoid the need for a constant internet connection. It emphasizes data security to prevent risks associated with third-party data collection. The Xanthorox toolkit includes various features: Xanthorox Coder automates code and script development, while Xanthorox Vision facilitates visual intelligence by allowing uploads for image analysis. Reasoner Advanced replicates human-like decision-making, aiding tasks that require logic and persuasion.
Voice-based interaction is also supported through real-time calls and voice messaging, enhancing command and control capabilities. Overall, Xanthorox AI serves as a comprehensive hacking tool, making cyberattacks more precise and scalable. Its introduction underscores the necessity for advanced AI-driven security measures, including threat detection and intrusion prevention systems. Experts like Casey Ellis have commented on its significance within the cybercriminal landscape, noting the strategic development behind it.