A major new study has found that hackers and cybercriminals are struggling to make AI work for them and that the bigger danger may actually come from the rest of us using AI badly, according to a study published in the journal Arxiv. Researchers from the Universities of Edinburgh, Cambridge, and Strathclyde analysed over 100 million posts on underground cybercrime forums to find out how criminals were really using AI tools. What they found may come as a relief but also as a warning.
Most Hackers Aren’t AI Experts
Despite all the headlines about AI supercharging cybercrime, the reality looks quite different. Most cybercriminals simply don’t have the skills or resources to take full advantage of AI tools. In fact, AI coding assistants (programs that help write computer code) are mainly useful to hackers who were already highly skilled. Rather than making it easier for beginners to commit crimes online, these tools still demand a lot of knowledge to use effectively.
In other words, AI isn’t turning everyday people into master hackers overnight.
The research team looked at posts made from November 2022 onwards, the point when ChatGPT launched and AI became a hot topic worldwide. They used a mix of computer-based analysis and hands-on reading of posts to understand how criminal communities were actually talking about and using these technologies.
Where AI Is Making a Difference
That said, criminals are finding AI useful in a few specific areas. It has been used to help disguise suspicious patterns that cybersecurity professionals would normally spot and flag. It has also been put to work running automated fake social media accounts used to carry out harassment (particularly targeting women) and to run online fraud schemes.
Researchers also found some early use of AI in more sophisticated automation, particularly in “social engineering”, such as tricks designed to manipulate people into giving up passwords or personal information; and so-called “bot farming,” where large networks of fake accounts are operated at scale.
Even so, experts stress that this is more of an evolution than a revolution. Cybercrime was already heavily automated and industrialised before AI came along, relying on ready-made tools and pre-packaged attack kits. AI is just another tool being added to an existing toolkit, not a total reinvention of how crime works online.
Chatbot Safety Guards Are Working
There is some genuinely good news in the findings. The safety guardrails built into mainstream AI chatbots, including rules designed to stop them helping with harmful requests, are making a real difference. They are blocking a significant amount of potentially dangerous use.
However, there are early warning signs that some members of these criminal communities are finding ways to manipulate chatbots into producing outputs they shouldn’t. So while the guardrails are holding for now, researchers say continued vigilance is essential.
The Real Risk: Poorly Built AI by the Rest of Us
Perhaps the most striking finding flips the usual narrative on its head. The biggest cybersecurity threat from AI may not be criminals using it, but it may be the rest of us using it carelessly.
Researchers highlight two particular concerns. The first is the rise of poorly secured “agentic AI” systems where AI can act independently, making decisions and carrying out tasks on its own. If these systems aren’t properly secured, they could become easy targets for criminals to exploit.
The second is “vibecoded” software, a growing trend where businesses and individuals use AI to write computer code for apps and websites, often without fully understanding what that code does or whether it’s safe. Insecure AI-written products could open up huge new vulnerabilities that even low-skilled criminals could take advantage of.
Adding another layer to the picture, researchers noticed that many people in these cybercrime forums were actually worried about losing their legitimate IT jobs to AI and that this anxiety could push more people towards criminal activity in the future.
The findings will be presented at the Workshop on the Economics of Information Security in Berkeley, USA, in June 2026.
Dr Ben Collier, Senior Lecturer in Digital Methods at the University of Edinburgh, summed up the message clearly: “Cybercriminals are experimenting with these tools, but as far as we can tell it’s not delivering them real benefits in their own work. Our message to industry is: don’t panic yet. The immediate danger comes from companies and members of the public adopting poorly secured AI systems themselves, opening them up to catastrophic new attacks that can be performed by cybercriminals with little effort or skill.”
Jack Hughes and Ben Collier and Daniel R. Thomas, Stand-Alone Complex or Vibercrime? Exploring the adoption and innovation of GenAI tools, coding assistants, and agents within cybercrime ecosystems, 2026, arXiv, https://arxiv.org/abs/2603.29545