North Korean hacking group Kimsuky, which is believed to be state-controlled, used ChatGPT to create a fake South Korean military ID to make a phishing attack look more credible. According to Bloomberg, citing a report by cybersecurity firm Genians, the email with the document contained a link to malware capable of stealing data from victims’ devices.
The attack targeted journalists, researchers, and human rights activists working on North Korea. The emails were sent from a fake email address that mimicked a South Korean military domain. The exact number of victims is unknown.
According to Genians, ChatGPT initially refused to generate a sample ID, but the hackers managed to circumvent the restriction by changing the wording of the request. This proves once again that artificial intelligence can be used for cybercrime — from planning attacks to creating malware or fake identities.
The Kimsuky group is known for espionage operations against South Korea. The United States considers it a unit that carries out global intelligence missions on behalf of the North Korean regime.
This isn't the first time cybercriminals have used AI. In August, Anthropic reported that North Korean hackers were using the Claude Code tool for cyberattacks and blackmail. In addition, the first computer virus using artificial intelligence recently appeared.