Kimsuky uses ChatGPT images to target the SK military

Cybersecurity researchers at Genians discovered that North Korean hackers from the Kimsuky organization employed artificially generated photographs during recent attacks on South Korean defense institutions. The threat actors distributed malicious electronic messages containing fabricated identification card samples designed for military and civilian personnel. These attackers bypassed commercial AI platform limitations by framing their requests as legitimate design mockups rather than actual credential reproduction. The cybercriminals also established deceptive web addresses that closely resembled official Korean defense domains. ChatGPT technology reportedly produced the counterfeit identification materials, according to the security investigation.

This incident reflects broader patterns of North Korean cyber groups integrating artificial intelligence into their operations. Anthropic researchers have previously documented similar tactics, where hackers created false professional profiles to exploit overseas technology employment opportunities. These digital tools help operatives overcome language barriers and technical skill deficiencies during recruitment processes. Artificial intelligence systems enable post-employment task completion and enhance phishing campaigns with technology-themed content. Security experts emphasize the urgent need for protective measures against such AI-enabled cyber threats.