Reconnaissance General Bureau
Incidents involved as Deployer
Incidente 111839 Reportes
Ongoing Purported AI-Assisted Identity Fraud Enables Unauthorized Access to Western Companies by North Korean IT Workers
2021-01-01
North Korean operatives have reportedly used AI-generated identities to secure remote jobs or impersonate employers in order to infiltrate companies. These tactics allegedly support sanctions evasion through wage theft, credential exfiltration, and malware deployment. Workers reportedly use fake resumes, VPNs, and face-altering tools; some deploy malware like OtterCookie after embedding, while others lure targets via spoofed job interviews. AI systems are reportedly used to generate fake resumes, alter profile photos, and assist in real-time responses during video interviews.
MásIncidente 12081 Reporte
North Korea's Kimsuky Group Reportedly Uses AI-Generated Military ID Deepfakes in Phishing Campaign
2025-07-17
Genians reported a phishing campaign by North Korea's Kimsuky group using purportedly AI-generated deepfake military ID cards. Emails reportedly impersonating South Korean defense institutions carried ZIP files with forged IDs whose photos were reportedly created using generative AI. When opened, hidden malware reportedly executed, downloading scripts disguised as Hancom Office updates. This reportedly marked an evolution in Kimsuky's tactics, using AI decoys to boost social engineering.
Más