Incident 644: State-Sponsored Hackers Escalate Phishing Attacks Using Artificial Intelligence

Description: State-sponsored hackers from North Korea, Iran, Russia, and China are reportedly leveraging artificial intelligence to conduct sophisticated phishing and social engineering attacks. They target global defense, cybersecurity, and cryptocurrency sectors, aiming to steal sensitive information and, in the case of North Korea, cryptocurrencies to help fund its illicit nuclear program.

Tools

New Report New Response DiscoverView History

Entities

View all entities

Alleged: North Korean government , Iranian government , Russian government and Chinese government developed an AI system deployed by North Korean hackers , Iranian hackers , Russian hackers and Chinese hackers, which harmed Individual professionals on LinkedIn , Global defense companies , Cybersecurity firms and Cryptocurrency exchanges.

Incident Stats

Incident ID

644

Report Count

Incident Date

2024-02-18

Editors

Applied Taxonomies

GMF, MIT

MIT Taxonomy Classifications

Machine-Classified

Taxonomy Details

Risk Subdomain

4.3. Fraud, scams, and targeted manipulation

Risk Domain

Malicious Actors & Misuse

Entity

Human

Timing

Post-deployment

Intent

Intentional

Incident Reports

Reports Timeline

North Korea and Iran using AI for hacking, Microsoft says

theguardian.com

North Korean hackers take phishing efforts to next level with AI tools: Report

nknews.org

North Korean hackers use AI for more sophisticated scams

ft.com

ChatGPT Used by North Korean Hackers to Scam LinkedIn Users

tech.co

North Korean hackers use ChatGPT to scam Linkedin users

readwrite.com

''Attacks Are Getting Sophisticated': How North Korean Hackers Are Using ChatGPT For LinkedIn Scams

ndtv.com

theguardian.com · 2024

US adversaries – chiefly Iran and North Korea, and to a lesser extent Russia and China – are beginning to use generative artificial intelligence to mount or organize offensive cyber operations, Microsoft said on Wednesday.

Microsoft said it…

nknews.org · 2024

North Korean cybercriminals have turned to artificial intelligence (AI) to advance their spear-phishing efforts targeting DPRK-focused experts and organizations, Microsoft and OpenAI announced Wednesday, a move that one expert called "frigh…

ft.com · 2024

North Korean cyber criminals are turning to artificial intelligence to help Pyongyang steal cutting-edge technologies and secure funds for its illicit nuclear weapons programme.

The hackers have long targeted employees of global d…

tech.co · 2024

Microsoft has confirmed North Korean hacking groups are using AI tools like ChatGPT to scam folks out of sensitive information on platforms like LinkedIn as the country tries to draw more funds into its nuclear weapons program.

North Korea,…

readwrite.com · 2024

North Korean hackers are reportedly using ChatGPT to trick users on LinkedIn and other social media platforms into providing sensitive information and data, according to a report.

ChatGPT parent company OpenAI and investor Microsoft reveale…

ndtv.com · 2024

Hacking groups in North Korea, notorious for their cybercrime sprees, are increasingly employing artificial intelligence tools like ChatGPT to carry out sophisticated scams, the Financial Times reported. According to the report, hackers are…

Variants

A "variant" is an incident that shares the same causative factors, produces similar harms, and involves the same intelligent systems as a known AI incident. Rather than index variants as entirely separate incidents, we list variations of incidents under the first similar incident submitted to the database. Unlike other submission types to the incident database, variants are not required to have reporting in evidence external to the Incident Database. Learn more from the research paper.

Previous Incident Next Incident