Online criminals are exploiting artificial intelligence tools to boost the number of attacks they launch and improve their chances of stealing information and money from victims.
In some cases, inexperienced hackers are asking AI chatbots to write malicious code on their behalf, with mixed results.
Cybersecurity firm CrowdStrike revealed the trend on Wednesday, in a report that also noted AI had helped to boost the speed of online break-ins and ChatGPT had become a favourite on hacking forums.
The findings come after the World Economic Forum warned AI had become the biggest driver of cybersecurity threats, and companies may need to deploy their own AI defences to defeat them.
CrowdStrike's annual Global Threat Report tracked the actions of 281 groups during 2025 and found "adversaries of all motivations exploited AI to accelerate, optimise and troubleshoot" online attacks.
AI-enabled threats almost doubled during the year, up by 89 per cent, the company found, and played a role in creating convincing phishing emails, malicious websites, and in social engineering attacks.
Generative AI tools were deployed by many types of online criminals, CrowdStrike counter-adversary senior vice-president Adam Meyers said, to make their attacks appear more legitimate.
"AI can play in lots of different aspects of the threat actor and how they operate," he told AAP.
"We see phishing emails and we see content built using (large language models) to enable the threat actor to have a more convincing story with the victim and a little bit more success."
AI tools also shortened the time it took criminals to move to another part of a computer system after a break-in, the report found, with the average dropping from 48 minutes in 2024 to 29 minutes.
The shortest break-out time was clocked at 27 seconds, down from 51 seconds.
Exploitation of zero-day vulnerabilities, or unpublished software flaws, increased by 42 per cent during 2025, the company found, and ChatGPT was the most discussed AI tool on hacking forums by a huge margin, followed by Gemini, Grok, DeepSeek and Claude.
However, AI tools did not always improve criminals' success, Mr Meyers said, as less-knowledgeable hackers relied on the technology to write malicious code for them.
In one case, CrowdStrike researchers were able to reverse engineer ransomware created using generative AI and subvert it.
"(This) threat actor used AI to build the ransomware tool and they didn't understand proper cryptography," he said.
"There were flaws in how that malware was built that we were able to take advantage of so they were unable to get paid."
Future online attacks were likely to use AI to target data stored in the cloud and to exploit agentic AI tools given autonomy over business systems, Mr Meyers said.
