Incident 644: State-Sponsored Hackers Escalate Phishing Attacks Using Artificial Intelligence

Description: State-sponsored hackers from North Korea, Iran, Russia, and China are reportedly leveraging artificial intelligence to conduct sophisticated phishing and social engineering attacks. They target global defense, cybersecurity, and cryptocurrency sectors, aiming to steal sensitive information and, in the case of North Korea, cryptocurrencies to help fund its illicit nuclear program.


New ReportNew ReportNew ResponseNew ResponseDiscoverDiscoverView HistoryView History

Incident Stats

Incident ID
Report Count
Incident Date
Daniel Atherton
North Korea and Iran using AI for hacking, Microsoft says · 2024

US adversaries – chiefly Iran and North Korea, and to a lesser extent Russia and China – are beginning to use generative artificial intelligence to mount or organize offensive cyber operations, Microsoft said on Wednesday.

Microsoft said it…

North Korean hackers take phishing efforts to next level with AI tools: Report · 2024

North Korean cybercriminals have turned to artificial intelligence (AI) to advance their spear-phishing efforts targeting DPRK-focused experts and organizations, Microsoft and OpenAI announced Wednesday, a move that one expert called "frigh…

North Korean hackers use AI for more sophisticated scams · 2024

North Korean cyber criminals are turning to artificial intelligence to help Pyongyang steal cutting-edge technologies and secure funds for its illicit nuclear weapons programme.

The hackers have long targeted employees of global d…

ChatGPT Used by North Korean Hackers to Scam LinkedIn Users · 2024

Microsoft has confirmed North Korean hacking groups are using AI tools like ChatGPT to scam folks out of sensitive information on platforms like LinkedIn as the country tries to draw more funds into its nuclear weapons program.

North Korea,…

North Korean hackers use ChatGPT to scam Linkedin users · 2024

North Korean hackers are reportedly using ChatGPT to trick users on LinkedIn and other social media platforms into providing sensitive information and data, according to a report.

ChatGPT parent company OpenAI and investor Microsoft reveale…

''Attacks Are Getting Sophisticated': How North Korean Hackers Are Using ChatGPT For LinkedIn Scams · 2024

Hacking groups in North Korea, notorious for their cybercrime sprees, are increasingly employing artificial intelligence tools like ChatGPT to carry out sophisticated scams, the Financial Times reported. According to the report, hackers are…


A "variant" is an incident that shares the same causative factors, produces similar harms, and involves the same intelligent systems as a known AI incident. Rather than index variants as entirely separate incidents, we list variations of incidents under the first similar incident submitted to the database. Unlike other submission types to the incident database, variants are not required to have reporting in evidence external to the Incident Database. Learn more from the research paper.