- The CyberLens Newsletter
- Posts
- AI Powered Cyber Mercenaries
AI Powered Cyber Mercenaries
How Hackers Are Renting Algorithms on the Dark Web
Devona Green Jordan
August 18, 2025
In partnership with
Marketing ideas for marketers who hate boring
The best marketing ideas come from marketers who live it.
That’s what this newsletter delivers.
The Marketing Millennials is a look inside what’s working right now for other marketers. No theory. No fluff. Just real insights and ideas you can actually use—from marketers who’ve been there, done that, and are sharing the playbook.
Every newsletter is written by Daniel Murray, a marketer obsessed with what goes into great marketing. Expect fresh takes, hot topics, and the kind of stuff you’ll want to steal for your next campaign.
Because marketing shouldn’t feel like guesswork. And you shouldn’t have to dig for the good stuff.
Interesting Tech Fact:
Did you know that one of the earliest examples of an AI-like algorithm dates back to 1843, long before modern computers even existed? Ada Lovelace, often called the world’s first computer programmer, wrote what many consider the first algorithm designed to be carried out by a machine—the Analytical Engine conceived by Charles Babbage. What’s rarely discussed is that Lovelace speculated the machine could one day manipulate not just numbers, but symbols, sounds, and even art—essentially predicting the foundations of today’s AI algorithms nearly two centuries ago. This forgotten foresight shows that the vision for machine intelligence has deeper roots in history than most realize, giving modern AI a surprising origin story that began in the age of steam rather than silicon.
The “Renting” Process
For years, cyber-crime was largely a game of human ingenuity. Attackers relied on clever social engineering, brute-force tactics, or vulnerabilities that slipped through the cracks of corporate defenses. But a seismic shift is underway in the hidden underworld of digital crime. Hackers are no longer relying solely on their own coding skills or human limitations—they are renting out AI-powered algorithms like mercenaries for hire. This new frontier in the dark web economy is as chilling as it is innovative. Criminals are now buying access to machine learning models that can write malware in seconds, generate endless phishing lures that outwit spam filters, or even mimic the voices of CEOs to bypass security checks. The game has changed. What used to take weeks of planning can now be executed in hours, leaving businesses, governments, and individuals facing adversaries who wield an almost industrial-scale level of precision.
The mechanics of this cyber mercenary marketplace are disturbingly straightforward. On encrypted forums, hackers advertise pre-trained AI models much like legitimate companies sell software-as-a-service. Subscription models are common—monthly access to a ransomware-enhanced algorithm might cost less than a streaming subscription, while one-time deepfake services are sold like one-off gigs. Some sellers even offer customer support, promising to “fine-tune” an algorithm for specific targets, whether that means tailoring phishing emails to a Fortune 500 company or designing a botnet that evolves to evade detection. What’s particularly unnerving is how these algorithms are modular; attackers can combine them into hybrid operations, linking AI-driven reconnaissance tools with automated exploit kits. The result is an attack chain that looks less like a single hacker at work and more like a coordinated army of machine-driven operatives—except this army can be rented by anyone with cryptocurrency and intent.
Behind this growing economy are not just opportunistic individuals, but organized groups leveraging AI to professionalize cybercrime. Some are offshoots of known ransomware gangs, diversifying their portfolios by creating ready-made AI services. Others are state-aligned actors who use the guise of dark web anonymity to obscure their geopolitical fingerprints, testing AI-enabled espionage techniques before deploying them in official operations. And then there are the entrepreneurial lone wolves who have realized that selling AI models is safer and more profitable than running attacks themselves. Instead of risking exposure by targeting victims directly, they provide the “weapons” for others to launch attacks. This blurred line between direct attacker and algorithm provider complicates attribution, creating a murky battlefield where it’s nearly impossible to tell if an intrusion originated from a rogue teenager, a sophisticated criminal syndicate, or a government-backed operation.
For businesses, this is nothing short of a paradigm shift in cyber risk. Traditional defenses were designed to withstand predictable, human-crafted attacks. But an AI-driven phishing campaign can now generate millions of unique, highly personalized emails in minutes, bypassing filters and exploiting psychological weaknesses with unprecedented precision. Governments face an equally daunting challenge. AI-enhanced tools can disrupt critical infrastructure, flood social media with convincing disinformation, or even manipulate financial systems—all at a fraction of the cost of conventional cyber weapons. For individuals, the risk is deeply personal. AI-generated deepfakes are no longer just political tools; they can be used to blackmail, impersonate loved ones, or drain bank accounts by fooling voice authentication systems. The democratization of AI in criminal hands means no target is too small, no defense too sophisticated, and no digital life completely safe.
The strategies being deployed are as varied as they are alarming. We’re seeing generative models designed to write polymorphic malware that morphs its code every time it spreads, making detection a moving target. AI reconnaissance bots crawl through social media and open-source data to build detailed profiles of targets, predicting behaviors and vulnerabilities with eerie accuracy. Algorithmic disinformation engines churn out convincing news stories and images designed to destabilize public trust. Even brute-force attacks have been turbocharged, with AI analyzing encryption patterns to anticipate weaknesses faster than any human could. The common thread is scale: these tools aren’t just smarter, they’re infinitely repeatable, giving attackers the ability to unleash waves of assaults that overwhelm defenses not by sophistication alone but sheer volume.
The real-world implications are stark. We are entering a world where cyber-crime has its own gig economy, where adversaries can rent intelligence that once required nation-state resources. This erodes the traditional balance of power in cyberspace, putting AI-driven offensive capabilities in the hands of petty criminals and activists alongside governments and organized crime. Trust in digital systems—the foundation of modern economies—faces a slow erosion. When every email could be a trap, every video a fake, and every interaction potentially manipulated by an unseen algorithm, the social contract of the internet begins to fray. Regulation, detection, and defense are scrambling to keep up, but AI evolves faster than policy. It’s a race in which the defenders are already behind.
Final Thought
The rise of AI-powered cyber mercenaries is not a passing trend—it is the opening act of a much larger transformation in how crime, espionage, and even warfare will be waged in the digital era. By lowering the barrier to entry, the dark web has created a black-market ecosystem where anyone with cryptocurrency can access tools that were once the guarded advantage of elite nation-state hackers. This democratization of offensive AI doesn’t just tilt the scales—it obliterates them, leaving businesses, governments, and ordinary citizens vulnerable to algorithmic predators that never sleep, never tire, and only grow smarter with each deployment.
The implications stretch far beyond stolen data or disrupted systems. What is truly at stake is trust itself. If every voice call, every financial transaction, every email, and every headline can be manipulated by machine intelligence, the foundations of digital society are at risk. A world where perception can no longer be trusted is a world ripe for destabilization—economically, politically, and personally. Defending against these threats will require more than stronger firewalls or faster detection; it will demand a rethinking of cyber defense strategies, public policy, and even the ethical frameworks guiding AI development.
The unsettling truth is that these mercenary algorithms are not confined to the shadows for long. History tells us that once such weapons are unleashed, they spread rapidly, evolving beyond the control of those who first created them. The race between attacker and defender has always been uneven, but the advent of rentable AI mercenaries has widened the gap into a chasm. The question now is not whether society can stop this tide—it is whether we can adapt quickly enough to survive it.
Because the next great war for digital dominance won’t be fought by humans tapping on keyboards, but by algorithms we cannot see, sold to the highest bidder in the hidden marketplaces of the dark web.
Subscribe to CyberLens
Cybersecurity isn’t just about firewalls and patches anymore — it’s about understanding the invisible attack surfaces hiding inside the tools we trust.
CyberLens brings you deep-dive analysis on cutting-edge cyber threats like model inversion, AI poisoning, and post-quantum vulnerabilities — written for professionals who can’t afford to be a step behind.
📩 Subscribe to The CyberLens Newsletter today and stay ahead of the attacks you can’t yet see.
