
North Korean Hackers Use AI-Forged Military IDs in Phishing Attack

Summary

– North Korean threat actor Kimsuky used AI to create fake South Korean military ID card images for a spear-phishing campaign.
– The group leveraged ChatGPT to generate these images to enhance the authenticity of their phishing emails and lure victims.
– The campaign impersonated a South Korean defense institution and targeted researchers, activists, and journalists.
– This attack marks an evolution in Kimsuky’s tactics, building on previous ClickFix-based phishing campaigns from June.
– The malicious emails contained deepfake ID card attachments with a 98% probability of being AI-generated.

A North Korean state-sponsored hacking group has escalated its cyber operations by incorporating artificially generated military identification cards into a sophisticated phishing scheme. Security analysts at Genians uncovered this tactic, noting that the Kimsuky collective used AI tools to fabricate convincing South Korean military credentials. These forged documents were embedded in emails impersonating defense personnel, lending a deceptive layer of legitimacy to their malicious outreach.

The campaign specifically targeted academics, activists, and reporters focused on North Korea, leveraging fabricated military ID images to trick recipients into engaging with harmful links. According to the September 15th advisory from Genians, this represents a clear instance of deepfake technology being weaponized for cyber-espionage. The initial detection occurred on July 17th, building upon a prior wave of phishing activities attributed to the same threat actor just one month earlier.

Both attack sequences deployed identical malware engineered to facilitate data exfiltration and remote system access. By closely mimicking official South Korean defense email domains and attaching AI-generated PNG files, the threat actors increased the perceived credibility of their ruse. Forensic analysis indicated a 98% probability that the attached identification cards were synthetic, underscoring the growing sophistication of phishing tools available to hostile state actors.

(Source: InfoSecurity Magazine)
