Adrian Johnson
TLDR:
- North Korean hackers are using ChatGPT to scam LinkedIn users
- Microsoft and OpenAI disrupted five state-affiliated actors involved in malicious cyber activities
The report revealed that North Korean hackers, specifically the Emerald Sleet group, are using AI services like ChatGPT to target users on LinkedIn and other social media platforms to gather sensitive information. The group impersonated reputable organizations to lure victims into providing expert insights about topics related to North Korea. While no significant cyberattacks have been reported, this activity indicates an exploration of new technology use cases by adversaries.
Full Article:
North Korean hackers have been identified using ChatGPT to deceive users on LinkedIn, as reported by Microsoft and OpenAI. The groups involved in this malicious cyber activity were associated with China, Iran, North Korea, and Russia. The North Korea-affiliated Emerald Sleet, also known as Kimsuky, used ChatGPT to target experts and organizations focused on defense issues in the Asia-Pacific region. This activity involved understanding vulnerabilities, basic scripting tasks, and drafting content for phishing campaigns.
South Korea’s National Intelligence Service detected signs that North Korea was incorporating generative AI into its hacking attacks. The agency found a spike in hacking attempts in South Korea’s public sector, with suspicions of using overseas IT workers for malicious activities. Erin Plante from Chainalysis mentioned that North Korean hackers create authentic-looking profiles on professional networking sites to carry out their schemes.
OpenAI stated that GPT-4’s capabilities in aiding malicious cybersecurity tasks are limited to what can already be achieved with publicly accessible tools. Last year, North Korean hackers targeted cryptocurrency clients by infiltrating a U.S. enterprise software company’s systems.
