North Korean hackers have gained work in the West. They passed the recruitment thanks to AI
Opeli, Anthropic and Google described the cases in which their chatbots were abused. From false documents to invented CVs – North Korean and Chinese hackers used AI tools to increase the scale of espionage and slip into companies and other goals.
In the latest case, the North Korean hacker group known as Kimsuki used ChatgPT to generate a false sketch of South Korean military evidence.
Read also at Business Insider
False evidence was attached to phishing e-mails lining under the South Korean defensive institution responsible for issuing certificates to officials related to the army-said the South Korean company dealing with the cyber security genuans.
Kimsuki was associated with a series of espionage campaigns aimed at people and organizations in South Korea, Japan and the USA. In 2020, the US Internal Security Department stated that the group “It was most likely commissioned by the North Korean regime a global mission to collect intelligence information.”
The Koreans from the north gained work and performed tasks
ChatgPT blocks attempts to generate official government identity evidence. But The model could be persuaded to create convincing mockupsif the command has been formulated as “an example project for legal purposes, and not playing real military evidence,” Genians said.
It was not the first time that North Korean hackers use AI to infiltrate foreign entities. Anthropic wrote in the report last month that North Korean hackers used his Claude tool to acquire and maintain false remote employment in American technology companies from the Fortune 500 list. Hackers used Claude to create a convincing CV and portfolio, give programming tests and even perform real technical tasks when they have already received work.
Last year, US officials said that North Korea employed people for remote positions in American companies, using false or stolen identity as part of a massive for extortion.
See also: He was a security specialist in Facebook. Advises parents how to dose children's access to children
Chinese hackers do it too
Anthropic wrote in the same report that a man from China used Claude for over nine months as a versatile assistant in cyber attacks aimed at the main Vietnamese telecommunications suppliers, agricultural systems and government databases.
Hacker He used Claude as “technical advisor, code creator, security analyst and operational consultant throughout his entire campaign” Anthropic said.
Anthropic added that he introduced new ways to detect abuse of his tools.
Chinese hackers also asked ChatgPT for help in their cyber -camps. They asked Chatbot to generate code for the so -called Bruteforce – an attack of generating thousands of combinations of user and password names until one works. They used chatgpt to search for information about American defensive networks, satellite systems and government identity verification cards.
The OPENAI report indicated an influence operation with its registered office in China, which used chatgpt for generating posts in social media to fuel divisions in US policyincluding false profile photos so that the accounts look like real people.
“Every operation that we thwart gives us a better understanding of how hackers are trying to abuse our models and allows us to refine our defense,” OpenAI wrote in the June report.
Not only Claude and Chatgpt
North Korean and Chinese hackers also experimented with Gemini Google to expand their operations. Chinese groups used Chatbot to solve code problems and gain “deeper access to the victims' network, while hackers from North Korea used Gemini to edit false cover letters and search for job advertisements in IT – Google said in the January report.
Google has stated that Gemini's security prevented hackers from using it for more advanced attacks, such as obtaining information enabling manipulation of Google products.
John Hultquist, the main analyst at Google Threat Intelligence Group, said in an interview with Business Insider that Hackers have been using generative AI for almost six years.
– AI is intensively used by entities behind the scheme with IT employees; They use it to search for job offers, create a CV and conduct correspondence, and even create false certificates – he added.
Opeli and Anthropic did not respond to Business Insider's request for comment. These companies reported that they have published their arrangements for hackers to help others improve security.
Ai makes hacking easier
Cyber security experts have long been warned that AI has potential to facilitate hacker attacks and disinformation operations.
“Hackers use AI models to infiltrate companies,” Business Insider Yuval Fernbach, technology director for machine learning operations at the JFROG software supply chain, in a report published in April.
“We see very, a lot of attacks,” Fernbach said, adding that malicious code is easy to hide in the opening of large language models. Hackers usually turn off systems, steal information or change the website's results or tools.
Online companies also fell victim to deepfakes and fraud. Rob Duncan, Vice President for Strategy at the Cyber security company Netcraft, told Business Insider that he is not surprised by the growth of personalized phishing attacks aimed at small companies.
Genai tools now allow even a beginner a lonely perpetrator with little technical knowledge clone the brand's image and write flawless, convincing messages of fraud in a few minutes – said Duncan. Thanks to cheap tools “The attacker is easier to impersonate employees, deceive customers or impersonate partners on many channels” He added.
The above text is a translation with American Business Insider edition
