Newsgather
BackNorth Korean Hackers Using AI to Target South Korean Authentication System
North Korean Hackers Using AI to Target South Korean Authentication System
En développement
Yonhap News14.05.2026Tech1 dk okumaSouth Korea

North Korean Hackers Using AI to Target South Korean Authentication System

Kaspersky report links Kimsuky group to AI-generated malware and new cyberattack tactics

L'essentiel

A North Korea-linked hacking group, Kimsuky, is reportedly using AI to develop malware targeting South Korea's government electronic authentication system, posing a significant security threat.

Résumé généré par IA

Pourquoi c'est important

A North Korean hacking group known as Kimsuky has been identified by cybersecurity researchers as employing advanced techniques, including the use of artificial intelligence, to target South Korean government systems, specifically their electronic authentication infrastructure.

Taille de police

A North Korea-linked hacking group is leveraging artificial intelligence (AI) technology to develop malicious software targeting the South Korean government's electronic authentication system, a Russian cybersecurity firm said Thursday.

Kaspersky said in its latest report its researchers discovered that "HelloDoor," a backdoor malware program first identified last August, was linked to the North Korean hacking group Kimsuky.

"We found comments in the code that appear to have been generated by a large language model (LLM) service rather than a human developer. This is based on traces that include emojis used for logging debugging messages," the report said.

The report also highlighted new cyberattack tactics employed by the state-sponsored hacking group.

Since last year, Kimsuky has been using a feature called "Visual Studio Code Remote Tunneling" instead of deploying malware directly to establish covert remote access to victims' devices, according to the report.

The report noted that these advancements pose greater threats, particularly to South Korean government institutions, which have been the primary targets of the hacking group.

In particular, Kimsuky's "AppleSeed" malware is mainly used to extract key data from the South Korean government's authentication system used on government servers.

The report warned that if authentication data is compromised, hackers could gain unauthorized access to internal government systems through hijacked accounts, posing a broader security threat to the nation's infrastructure.

À surveiller

Perspective IA — des possibilités, pas des certitudes

  • South Korea will likely increase its cybersecurity defenses and potentially retaliate through cyber or diplomatic means.

    Probable · En quelques semaines

  • Other nation-states may accelerate their adoption of AI for both offensive and defensive cyber operations.

    Probable · En quelques mois

  • Further reports detailing specific vulnerabilities exploited by Kimsuky will emerge.

    Possible · En quelques semaines

Questions ouvertes

  • What specific AI models or services were used by the hackers?
  • What is the extent of the compromise to the South Korean authentication system?
  • What measures are being taken by the South Korean government to counter this threat?
  • Has this AI-driven attack led to any actual data breaches or system infiltrations?

Sujets liés

This article was originally published by Yonhap News.

Articles liés

넥슨·스마일게이트, LA 애니메 엑스포서 신작 게임 체험존 운영
En développement·17 sa önce

넥슨·스마일게이트, LA 애니메 엑스포서 신작 게임 체험존 운영

넥슨과 스마일게이트가 북미 최대 서브컬처 행사 'LA 애니메 엑스포'에 참가해 신작 게임 체험 부스를 운영하며 현지 팬들의 큰 호응을 얻고 있다. 넥슨은 '프로젝트 RX'의 인터랙티브 체험과 '블루 아카이브' DJ 공연을, 스마일게이트는 '카오스 제로 나이트메어'와 '미래시' 시연 공간을 선보였다.

연합뉴스
Plus sur ce sujetnorth korea