NK-linked hackers using AI to develop malware targeting S. Korean gov't system: report

A North Korea-linked hacking group is leveraging artificial intelligence (AI) technology to develop malicious software targeting the South Korean government's electronic authentication system, a Russian cybersecurity firm said Thursday. Kaspersky said in its latest report its researchers discovered that "HelloDoor," a backdoor malware program first identified last August, was linked to the North Korean hacking group Kimsuky. "We found comments in the code that appear to have been generated by a large language model (LLM) service rather than a human developer. This is based on traces that include emojis used for logging debugging messages," the report said. The report also highlighted new cyberattack tactics employed by the state-sponsored hacking group. Since last year, Kimsuky has been using a feature called "Visual Studio Code Remote Tunneling" instead of deploying malware directly to establish covert remote access to victims' devices, according to the report. The report noted that these advancements pose greater threats, particularly to South Korean government institutions, which have

Original source: Korea Times