The smarter AI becomes, the more dangerous hackers are. North Korean hackers are using ChatGPT to forge identities.

A hacker organization suspected to be supported by the North Korean government (Kimsuky) is using ChatGPT to forge drafts of South Korean military identification, making phishing attempts appear credible by linking to malware that can extract data from the recipient's device.

It is suspected that Kimsuky, supported by North Korea, is using ChatGPT to forge identification.

According to research released by the South Korean cybersecurity company Genians, a suspected North Korean government-backed hacking group (Kimsuky) used ChatGPT to forge drafts of South Korean military identification cards to create realistic images, making phishing attacks appear more credible. Genians stated that the email did not contain real images, but instead linked to malware capable of extracting data from the recipient's device.

Kimsuky is suspected to be supported by North Korea and has previously been linked to other espionage activities targeting South Korea. The U.S. Department of Homeland Security stated in a 2020 advisory report that Kimsuky is likely tasked by the North Korean regime to carry out global intelligence gathering missions.

The phishing targets in this wave of cybercrime include South Korean journalists, researchers, and human rights activists who are focused on North Korean issues. The phishing emails also came from an email address ending in .mil.kr, which impersonated a South Korean military email address.

Hackers are keeping up with the times using AI tools. Are you keeping up?

According to a report by Bloomberg, OpenAI stated in February of this year that it has banned suspected North Korean accounts from using the service to create false resumes, job applications, and social media posts to recruit individuals to assist with their plans.

However, this time the researchers from Genians attempted to use ChatGPT while investigating forged identification documents. Since it is illegal to replicate government identification documents in South Korea, ChatGPT initially refused the request when asked to create identification documents, but was able to bypass this restriction after modifying the prompt.

Anthropic stated in August that it discovered North Korean hackers using the Claude Code tool to be employed by a Fortune 500 tech company in the United States and working remotely. In this case, Claude helped them establish complex false identifications, evaluate through coding, and deliver actual technical work after being hired.

This also indicates that hackers are utilizing emerging artificial intelligence during the attack process, including attack scenario planning, malware development, tool creation, and impersonating recruiters, which indeed makes the overall process easier and faster. As AI technology evolves rapidly, hackers are making good use of this tool to continuously push the limits.

AI not only reshapes industry structures but also quietly changes people's lifestyles. The general public needs to actively learn the basics of AI knowledge and application skills, mastering new technologies to remain competitive in the workplace. When using AI tools, one should also stay alert to avoid disclosing personal sensitive information and pay attention to suspicious messages and unfamiliar links.

This article discusses how as AI becomes smarter, hackers become more dangerous. North Korean hackers are using ChatGPT to forge identification, first appearing in LinkNews ABMedia.