About Us Contact Us Privacy Policy Terms of Use DMCA Opt-out of personalized ads
© Copyright 2023 Market Realist. Market Realist is a registered trademark. All Rights Reserved. People may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.

North Korean Hackers Use ChatGPT to Scam Social Media Users; Crypto Clients Are the Biggest Target

There are signs that North Korea is using generative AI in its hacking and other illicit cyber operations.
Image Source: Photo by Airam Dato-on | Pexels
Image Source: Photo by Airam Dato-on | Pexels

A shocking discovery has been made in a recent report regarding the tactic employed by Pyongyang hackers. This group of hackers is using ChatGPT as a tool to defraud people who use such platforms as LinkedIn and other social networks by making them share secret information. OpenAI disclosed this information through its partnership with Microsoft, which is its investor.

Image Source: Photo by Tima Miroshnichenko | Pexels
Hackers are using ChatGPT to defraud people (representative image) | Photo by Tima Miroshnichenko | Pexels

Last week, five government-affiliated groups were stopped by OpenAI and Microsoft who intended to exploit artificial intelligence for cybercrime. Microsoft's further investigation helped in identifying and closing down accounts related to two Chinese groups (Charcoal Typhoon and Salmon Typhoon), one Iranian group (Crimson Sandstorm), one North Korean group (Emerald Sleet alias Kimsuky), and one Russian group (Forest Blizzard). The AI technology was being utilized by these groups for evil purposes. Particularly, Emerald Sleet (Kimsuky) was acting as a genuine organization seeking insights into North Korean foreign policies from unsuspecting individuals.

Although there was no clear proof of any big cyberattacks by these groups, the research suggests a concerning tendency among hackers to investigate the potential of the internet. OpenAI additionally disclosed that the North Korean group Emerald Sleet was utilizing ChatGPT to identify defense professionals and companies in the Asia-Pacific area as well as to acquire information on security weaknesses and generate content for phishing their operations. According to Yonhap, there are signs that North Korea is using generative AI in its hacking and other illicit cyber operations. This information is provided by South Korea's state intelligence agency.

Homeland security Pexels | By Pixabay
Cyber security is essential (representative image) | Pixabay | Pexels

Pushed by a senior National Intelligence Service (NIS) official, North Korean hackers are now using generative AI to find possible targets for their hacks and obtain the tools they need to carry out their illegal operations. According to the NIS, there were 36% more hacking attempts in South Korea's public sector last year, or around 1.62 million attempts every day. Also, the NIS believes that North Korea is using its foreign-stationed IT professionals to land jobs at IT companies. Once there, they allegedly insert harmful codes into these organizations' software applications with the intention of stealing cryptocurrency.

Erin Plante, vice-president of investigations of cybersecurity startup Chainalysis, which specializes in cryptocurrency, told the Financial Times that North Korean hacking gangs have been fabricating realistic-looking recruitment profiles on social media sites like LinkedIn. She also mentioned that generative AI helps with several activities right from start to end, including picture creation, identity fabrication, and communications, which help hackers build rapport with their targets.

Image Source: Photo by Tracy Le Blanc | Pexels
Social media apps | Photo by Tracy Le Blanc | Pexels

OpenAI highlighted that their findings are consistent with outside evaluations, showing that GPT-4's potential to assist with "malicious cybersecurity tasks" is limited to what can already be accomplished with publicly available tools that don't rely on AI. It seems that cryptocurrency clients are the group's biggest target and it turns out that North Korean-affiliated hackers had also compromised the networks of American enterprise software provider JumpCloud to target cryptocurrency customers last year.