North Korean-Linked Hackers Target South Korean Defense Entities

(MENAFN) A hacking collective allegedly connected to North Korea has executed a cyberattack targeting South Korean organizations, including a defense-related institution, by employing artificial intelligence (AI)-generated deepfake images, according to a report from a South Korean security institute on Monday.

The Kimsuky group, a hacking unit believed by Seoul to be backed by the North Korean government, attempted a spear-phishing operation on a military-affiliated organization in July, a news agency reported, referencing findings from the Genians Security Center (GSC).

Spear phishing is a deceptive tactic that involves sending emails from trusted sources to extract sensitive information.

The GSC report explained that the attackers dispatched an email containing malicious code, disguised as communication about ID issuance for military-related personnel.

The ID card image employed in the attack is thought to have been created using a generative AI model.
Ordinarily, AI platforms, including ChatGPT, refuse requests to produce copies of military identification, citing legal protections on government-issued documents.

Despite this, the hackers seemingly circumvented safeguards by asking for mock-ups or sample designs framed as "legitimate" requests, instead of directly duplicating real IDs.

The report also noted that incidents like this underscore Pyongyang's "growing attempts to exploit AI services for increasingly sophisticated malicious activities."

MENAFN15092025000045017167ID1110061413