Brief IA

Europol Warns: AI, the New Weapon of Cybercriminals in 2026

🤖 Models & LLM·Tom Levy·

Europol Warns: AI, the New Weapon of Cybercriminals in 2026

Europol Warns: AI, the New Weapon of Cybercriminals in 2026
Key Takeaways
1The IOCTA 2026 report from Europol reveals a surge in AI-enhanced cybercrime, with increases in fraud and ransomware attacks.
2Ransomware groups are multiplying, reaching 120 in 2025, and forming unprecedented alliances on the dark web.
3Cryptocurrencies and mixing services facilitate money laundering, despite the shutdown of Cryptomixer.io.
💡Why it mattersAI and cryptocurrencies complicate the fight against cybercrime, necessitating urgent legal and technological adaptations.
Le brief IA que lisent les pros

Le brief IA que les pros lisent chaque soir

Les 7 actus IA du jour, décryptées en 5 min. Gratuit.

Inclus dès l'inscription : notre sélection des meilleurs guides & comparatifs IA.

Choisis ton rythme

Gratuit · Pas de spam · Désabonnement en 1 clic

📄
Full Analysis

Cybercrime Amplified by AI

The recently published IOCTA 2026 report from Europol highlights a concerning transformation of cybercrime in Europe, amplified by the increasing use of artificial intelligence. Online fraud, ransomware, and AI-generated child sexual abuse content now represent an unprecedented threat to the European Union. Europol emphasizes that cybercriminals have a far better grasp of AI than previously thought, posing a major challenge to law enforcement.

Each year, Europol's IOCTA report serves as a barometer for cybercrime in Europe. The 2026 edition, released this Tuesday, is particularly alarming. Ransomware, online fraud, and child sexual exploitation are on the rise, exacerbated by the rapid adoption of generative artificial intelligence by criminal networks. A recurring observation throughout the report is that law enforcement is increasingly lagging behind adversaries who innovate more quickly.

AI: A Favored Tool for Criminals

The era of clumsy email scams is over. Now, artificial intelligence enables scammers to impersonate bank advisors or business leaders with striking realism. Automated chatbots identify potential victims and set tailored traps before any human intervention occurs.

Behind these digital scams lies a massive physical infrastructure, including "SIM farms," which host hundreds of SIM cards to send thousands of SMS or calls simultaneously. A network of seven Latvian nationals was dismantled last October, with 1,200 devices, 40,000 active cards, and numbers registered in over 80 countries.

What concerns Europol the most is so-called "agentic" AI, capable of conducting criminal operations from start to finish without human intervention. Although still in development, it is progressing rapidly and could soon automate large-scale scams at a speed and scale that are hard to imagine.

Ransomware and the Dark Web: A Persistent Threat

In Europol's report, it is noted that the agency identified over 120 active ransomware groups just last year, representing as many criminal gangs specializing in blocking computer data for ransom. This record number is explained by the fact that when one group is dismantled, it simply changes its name, recovers hacked tools circulating online, and resumes its attacks. Some even go further by forming alliances. In September 2025, three of the most feared hacker groups (DragonForce, LockBit, and Qilin) publicly announced their coalition on the dark web—a first in an environment where distrust is the golden rule.

The dark web is also reorganizing. Large marketplaces that sold everything (drugs, stolen data, hacking tools) are gradually giving way to smaller, more specialized criminal shops, making them harder to locate and shut down. When Europol dismantles one, another almost immediately emerges. For instance, Archetyp Market, with 600,000 users and at least 250 million euros in transactions, was taken offline in June 2025. A month later, BlackOps opened with nearly 42,000 illicit products in its catalog. Criminal continuity is almost metronomic.

Cryptocurrencies remain the preferred payment method for cybercriminals, and they are becoming increasingly ingenious at covering their tracks. "Privacy coins" are digital currencies designed from the outset to be untraceable, while mixing services function like a washing machine for digital money: they mix funds from multiple sources to obscure their origin. Cryptomixer.io, one of the largest of these services, active since 2016 and suspected of having processed over 1.3 billion euros in Bitcoin, was shut down in November. But as soon as one such service disappears, another, even harder to identify, takes its place.

Encryption and Sexual Exploitation: A Challenge for Authorities

Still in the report, the chapter dedicated to child sexual exploitation is perhaps the most chilling. Reports of financial sextortion, where minors are coerced into sending money after being trapped with their own intimate images, surged by 70% between the first half of 2024 and the first half of 2025, according to the American NCMEC, which centralizes such reports. Additionally, a new threat has emerged: AI-generated child pornography, with no identifiable real victim, flooding criminal platforms and literally overwhelming investigators' analytical capacities.

The network The Com embodies a particularly disturbing reality. Here, we have online criminal communities predominantly composed of children and teenagers aged 8 to 17, where sexual exploitation, hacking, extortion, and physical violence coexist and feed off each other. These groups coordinate their activities using end-to-end encrypted messaging apps. Consequently, law enforcement knows these networks exist, but they cannot access their communications. This legal and technical blind spot is something that no one currently knows how to bridge.

Europol is clear about what needs to be done: authorities must adopt artificial intelligence themselves to track down criminals using it against them, obtain the legal right to access data stored by major digital platforms, and collaborate better between countries to prevent borders from benefiting cybercriminals. An ambitious program on paper, but one that faces considerable legal, political, and technical obstacles. In the meantime, criminals continue to innovate faster than laws can adapt.

Brief IA — L'actualité IA en français

L'essentiel de l'actualité de l'intelligence artificielle, décrypté et expliqué chaque jour.