Home Technology North Korean hackers use ChatGPT to scam Linkedin users

North Korean hackers use ChatGPT to scam Linkedin users

70
0


North Korean hackers are reportedly using ChatGPT to trick users on LinkedIn and other social media platforms into providing sensitive information and data, according to a report.

ChatGPT parent company OpenAI and investor Microsoft revealed last week that it had “disrupted five state-affiliated actors that sought to use AI services in support of malicious cyber activities.”

Using Microsoft Threat Intelligence, accounts associated with two China-affiliated threat actors known as Charcoal Typhoon and Salmon Typhoon, the Iran-affiliated threat actor known as Crimson Sandstorm, the North Korea-affiliated actor known as Emerald Sleet, and the Russia-affiliated actor known as Forest Blizzard were identified and terminated.

Microsoft, which owns LinkedIn, noted that Emerald Sleet, also known as Kimsuky, impersonated “reputable academic institutions and NGOs to lure victims into replying with expert insights and commentary about foreign policies related to North Korea.”

It said in its blog post that it had not found evidence of these actors having carried out any significant cyberattacks but that much of its findings were “representative of an adversary exploring the use cases of a new technology.”

OpenAI reported that North Korea’s Emerald Sleet account used its services “to identify experts and organizations focused on defense issues in the Asia-Pacific region, understand publicly available vulnerabilities, help with basic scripting tasks, and draft content that could be used in phishing campaigns.”

How North Korean hackers are targeting LinkedIn

According to Yonhap, South Korea’s state intelligence agency detected signs that North Korea tried incorporating generative AI into its hacking attacks and other illicit cyber activities.

“Recently, it has been confirmed that North Korean hackers use generative AI to search for hacking targets and search for technologies needed for hacking,” a senior official at the National Intelligence Service (NIS) told reporters. The NIS said it found a daily average of 1.62 million hacking attempts in South Korea’s public sector last year, up 36% from a year ago.

The NIS added that it is also suspected of using its overseas IT workers to find jobs at IT companies to plant malicious codes on software programs they developed at the companies to steal cryptocurrencies.

Erin Plante, vice-president of investigations at crypto-focused cyber security company Chainalysis, told the Financial Times that “North Korean hacking groups have been seen to create credible-looking recruiter profiles on professional networking sites such as LinkedIn.”

“Generative AI helps with chatting, sending messages, creating images and new identities — all the things you need to build that close relationship with your target,” she added.

OpenAI stated that its findings align with external evaluations, indicating that GPT-4’s capabilities in aiding “malicious cybersecurity tasks” are limited to what can already be accomplished using publicly accessible tools that do not utilize AI.

Last year, it was reported that North Korea-backed hackers targeted cryptocurrency clients by infiltrating the systems of U.S. enterprise software company JumpCloud.

Featured image: Canva / DALL·E

Suswati Basu

Freelance journalist

Suswati Basu is a multilingual, award-winning editor and the founder of the intersectional literature channel, How To Be Books. She was shortlisted for the Guardian Mary Stott Prize and longlisted for the Guardian International Development Journalism Award.

With 18 years of experience in the media industry, Suswati has held significant roles such as head of audience and deputy editor for NationalWorld news, digital editor for Channel 4 News
and ITV News. She has also contributed to the Guardian and received training at the BBC As an audience, trends, and SEO specialist, she has participated in panel events alongside Google.

Her career also includes a seven-year tenure at the leading AI company Dataminr, where she led the Europe desk and launched the company’s first employee resource group for disabilities. Before this, Suswati worked as a journalist in China for four years, investigating censorship and the Great Firewall, and acquired proficiency in several languages.

In recent years, Suswati has been nominated for six awards, including the Independent Podcast Awards, International Women’s Podcast Awards, and the Anthem Awards for her literary social affairs show.

Her areas of speciality span a wide range, including technology, Diversity, Equity, and Inclusion (DEI), social politics, mental health, and nonfiction books.



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here