
AI Threat Report: How Artificial Intelligence Is Used Across Illicit Communities

A monthly analysis of how artificial intelligence is used in illicit communities, based on Flashpoint proprietary intelligence and direct visibility into real threat actor environments.

A finance employee joins a video call with their CFO and several colleagues. The request is routine. The faces match. The voices sound authentic. Minutes later, $25 million is transferred. Only later is it discovered that every participant on the call, except one, was AI-generated.

Techniques behind incidents like this—synthetic video, voice cloning, scripted interactions—are now being discussed openly in the same environments where threat actors exchange tools and methods. In April 2026 alone, Flashpoint analysts identified 2,328,958 posts discussing artificial intelligence in the context of illicit activity.

This volume reflects a larger shift: artificial intelligence is now deeply embedded across cybercrime ecosystems, influencing fraud, impersonation, social engineering, and access operations at scale. It shows up in how content is generated, how identities are replicated, and how workflows are executed and refined over time.

That’s why we created the monthly AI Threat Report to examine how threat actors are using artificial intelligence in real-world illicit environments. Drawing on Flashpoint proprietary intelligence and direct visibility into primary source communities across forums, marketplaces, and chat services, the report analyzes the tactics, tools, and operational patterns shaping malicious AI use. Analysis of April’s activity shows a focus on prompt-sharing, jailbreak methods, and alternative models that support fewer safeguards or moderation controls.

AI Activity Volume and What It Represents

In April 2026, Flashpoint analysts identified 2,328,958 posts discussing artificial intelligence in the context of illicit activity across forums, marketplaces, and chat services.

Mentions of AI in conjunction with illicit advertisements and discussions in April 2026. (Source: Flashpoint)

The underlying activity was concentrated around a familiar set of use cases and workflows:

  • identity verification bypass
  • fraud enablement and scripting
  • impersonation through synthetic media
  • prompt-sharing and jailbreak workflows

However, the emphasis within those discussions shifted in several places in April.

  • Posts tied to custom malicious LLM development appeared less frequently than discussions centered on usability: how to bypass safeguards, generate more reliable outputs, or move activity onto platforms perceived as less restrictive. 
  • References to alternative models and prompt collections appeared more often throughout the month, alongside requests for jailbreak methods and phishing-oriented outputs.

This activity points to a more mature stage of adoption. The focus is less on building entirely new tooling and more on improving reliability, portability, and ease of use within workflows that already exist.

That pattern shows up repeatedly across monitored sources. Users exchange prompts, repost working methods, and refine outputs through direct feedback. In many cases, the same underlying techniques continue circulating with only minor changes between platforms or communities.

Looking across April activity helps identify which methods continue to generate demand, where threat actors are adapting around platform restrictions, and which workflows remain active across multiple environments.

Where AI Activity Is Concentrated

AI-related activity in April remained concentrated on a small number of platforms, though the distribution shifted noticeably compared to March.

Telegram accounted for the majority of observed activity, with 1,395,075 posts tied to AI services and discussions. Reddit, GitHub Gist, Pastebin, Discord, and smaller forums accounted for significantly lower volumes.

Posts selling AI services (in red) and posts seeking to purchase AI services (in blue) on Telegram in April 2026. (Source: Flashpoint)

The lower Telegram volume does not indicate reduced interest in AI-enabled activity. The platform continues to function as a primary distribution layer for prompts, jailbreak methods, fraud tooling, and service advertisements.

Across April, the same prompts, offers, and workflows appeared repeatedly across channels, often reposted with only minor adjustments. Sellers updated listings based on user feedback, while buyers requested revisions tied to specific outputs or platforms.

Other platforms served more targeted roles:

  • GitHub Gist and paste sites hosted scripts or supporting material
  • forums supported reputation building and longer technical discussions
  • Discord communities centered around specific models, prompt collections, or jailbreak workflows

The activity remains connected across environments. Methods introduced in one community frequently reappear elsewhere, particularly when they produce reliable outputs or help users work around moderation controls.

Tracking how these discussions move between sources helps identify which workflows continue to gain traction and which techniques are becoming more broadly operationalized.

AI-Enabled Fraud and Identity Verification Bypass

Across April, Flashpoint analysts observed 63,763 posts advertising or discussing KYC bypass methods using artificial intelligence, including deepfake-enabled verification workflows.

The methods were active across Telegram channels dedicated to identity verification bypass services.

Posts continued to advertise:

  • synthetic video generation designed to mimic live verification behavior
  • voice cloning and scripted interaction prompts
  • bundled “KYC bypass kits” tailored to onboarding and verification workflows

Some offerings included guidance on how to adapt responses for specific platforms or verification requirements. Others promoted combinations of synthetic video, matching fake documentation, and AI-generated scripts designed to support impersonation attempts from start to finish.

The broader workflow remains consistent. AI supports how identities are replicated, how verification checks are navigated, and how fraud operations are scaled across different services.

This activity connects directly to the wider access ecosystem already observed across illicit communities. Stolen credentials, session tokens, phishing infrastructure, and AI-enabled impersonation methods increasingly operate alongside one another within the same workflows.

Across April, posts tied to these methods continued to show active refinement through user feedback, reposting, and platform-specific variations.

For security teams, this activity remains relevant at the control layer. Verification systems, onboarding workflows, and account recovery processes continue to be tested in the same environments where these methods are exchanged and improved.

Malicious LLM Usage and Prompt-Based Workflows

Across April, discussions tied to malicious or unrestricted LLM usage focused heavily on jailbreak methods, prompt-sharing workflows, and access to alternative models perceived as less restricted than mainstream platforms.

The top observed malicious LLMs mentioned within Flashpoint Collections in April 2026. (Source: Flashpoint)

Flashpoint analysts observed a significant increase in discussions related to VeniceAI, driven in part by newly created Reddit and Discord communities dedicated to the platform. The increase highlights continued interest in models that users believe operate with fewer safeguards or moderation controls than services like ChatGPT or Gemini.

The activity centers on usability and output reliability.

Posts reference:

  • jailbreak prompts designed to bypass safeguards
  • phishing and fraud-oriented prompt collections
  • step-by-step instructions for generating specific outputs
  • requests for prompts tailored to impersonation or social engineering workflows

Many of these prompts are shared in collections that include updates, revisions, or support channels. Users exchange feedback when prompts stop working, outputs degrade, or platforms introduce new restrictions. Updated versions frequently follow within short timeframes.

This type of activity reinforces how prompt engineering has developed into its own service layer across illicit communities. The focus is not limited to the underlying model itself; it extends to the ability to generate repeatable outputs that can be applied directly within fraud, phishing, or impersonation workflows.

Across April, the same prompt structures and jailbreak methods appeared repeatedly across multiple sources, often with only small adjustments tied to platform or target.

The emphasis remains on accessibility, portability, and ease of use rather than custom model development.

Operational Patterns and What Holds Across Sources

Across April, the same behaviors continued to appear across different environments with only minor variation.

Prompt libraries, jailbreak methods, phishing workflows, and identity verification bypass techniques circulated across Telegram channels, forums, Discord communities, and paste sites. The wording changed slightly between platforms, though the underlying structure and outputs remained consistent.

This reuse is visible in how content moves between sources. A jailbreak prompt shared in one channel appears elsewhere with revised wording or additional instructions. A phishing workflow posted to a forum is copied into a paste site and redistributed through Telegram. Users request modifications, test outputs, and repost updated versions when restrictions change or methods stop working.

That cycle appeared repeatedly throughout April.

The activity also showed strong feedback loops tied to usability. Discussions focused heavily on which prompts generated reliable outputs, which models imposed fewer restrictions, and which workflows required the least adjustment before use.

Across monitored sources, the same operational priorities appeared consistently:

  • reliability of outputs
  • ease of reuse
  • ability to bypass safeguards
  • compatibility with existing fraud and impersonation workflows

Looking across April activity reinforces how AI-enabled methods continue to mature through repetition, iteration, and distribution across connected communities.

What Security Teams Should Take Away

The activity tracked in this report shows how artificial intelligence is being used in environments where techniques are developed, tested, and shared before they surface elsewhere.

Across these communities, methods tied to fraud, impersonation, and access are reused, adjusted, and circulated in forms that others can apply directly. That process does not require significant change to move from discussion into use.

For security teams, the priority is maintaining visibility into how these methods are evolving and where they are being applied. That visibility supports earlier detection, more focused response, and a clearer understanding of which techniques are actively in circulation.

Monitoring these sources provides that context. It connects observed activity to the methods behind it and helps teams track how those methods develop over time.

If you want to see how this activity maps to your environment, request a demo.
