North Korean hackers using AI to find flaws, Google warns

State-sponsored hackers from North Korea and China have shown “significant interest” in using artificial intelligence (AI) to discover previously unknown cybersecurity vulnerabilities, Alphabet’s Google said in a report released Tuesday.

“We noted a particular interest from several clusters of threat activity associated with the People's Republic of China (PRC) and the Democratic People's Republic of Korea (DPRK),” Google’s Threat Intelligence Group said, referring to North Korea by its official name, News.Az reports, citing Kyodo.

According to the report, these groups have already demonstrated advanced methods of using AI for vulnerability research, including a recent case involving North Korea’s hacking group APT45.

The North Korean hackers reportedly used AI to generate thousands of repetitive prompts designed to recursively analyze cybersecurity systems and identify potential weak points that could be exploited.

The report added that Google itself used AI tools to detect hackers from a criminal group attempting to use a “zero-day exploit” intended for a “mass exploitation” campaign, successfully blocking the activity.

Zero-day exploits refer to vulnerabilities that are unknown to organizations and developers, leaving no time to fix them before attackers can use them.

Google said the incident marks the first time it has identified attackers using AI to discover new vulnerabilities and attempt large-scale exploitation.

The findings come amid growing global concerns about cybersecurity risks tied to advanced AI systems, following the introduction of Claude Mythos, the latest AI model from U.S. startup Anthropic, which specializes in identifying software security vulnerabilities.

Anthropic has chosen not to release the model publicly, instead limiting access to selected companies and institutions for defensive security testing purposes.

News.Az 

By Nijat Babayev