Why DIG AI is the most dangerous malicious AI of 2025
Cybersecurity firm Resecurity (via Help Net Security) exposed DIG AI, an uncensored artificial intelligence assistant on the darknet that enables criminals to generate malware, create child sexual abuse material, and obtain detailed instructions for manufacturing explosives without safety restrictions. The tool operates via the Tor network.
Resecurity first detected DIG AI on September 29, 2025. The platform experienced a surge in adoption during the final quarter of 2025, particularly amid the winter holiday season when levels of illegal activity reached records. The creator, operating under the alias “Pitch,” presented DIG AI as a criminal alternative to mainstream artificial intelligence platforms. Access requires no account registration.
Resecurity’s report dated December 17 details the platform’s foundation on a jailbroken version of ChatGPT Turbo. It provides specialized models tailored to distinct functions. DIG-Uncensored handles generation of prohibited content. DIG-GPT processes text-based tasks. DIG-Vision supports creation of deepfakes and illicit imagery.
This development aligns with a broader pattern in weaponized artificial intelligence. Resecurity recorded an increase exceeding 200 percent in mentions and use of malicious artificial intelligence tools across cybercriminal forums from 2024 to 2025. Such tools fall under the category of dark large language models, which consist of systems either constructed from scratch or derived from legitimate artificial intelligence with safety restrictions eliminated.
Predecessors in this category include FraudGPT and WormGPT. Resecurity analysts performed extensive testing on DIG AI. They verified its capacity to produce functional malicious code, such as obfuscated JavaScript backdoors intended to compromise web applications. Tasks like code obfuscation require three to five minutes owing to constrained computing resources.
Operators address these delays through premium services that charge fees, establishing a “Crime-as-a-Service” model. DIG AI also supports production of child sexual abuse material by generating hyper-realistic images. This occurs through entirely synthetic content or by altering benign images of real minors.
Resecurity collaborated with law enforcement authorities to gather and preserve evidence documenting threat actors’ use of the platform for highly realistic child sexual abuse material. The firm identified criminal artificial intelligence as presenting heightened threats prior to major global events in 2026, such as the Winter Olympics in Milan and the FIFA World Cup.
These tools allow bad actors to expand operations and circumvent content protection policies. Resecurity described the situation as a new frontier in which criminals develop and sustain custom infrastructure for artificial intelligence operations, terming it the “fifth domain of warfare: cyber.”