ChatGPT and Gemini Gain Popularity in North Korea...Abused for Global Hacking Crimes

Abusing generative AI to infiltrate internal systems
Criminal proceeds of about 2.1 trillion won last year

There is analysis indicating that North Korea is actively using generative artificial intelligence (AI) tools such as ChatGPT and Gemini for hacking crimes.


On the 25th, the headquarters of cybersecurity company CrowdStrike published its "2026 Global Threat Report" on its website, covering the activities of North Korean hacker group "Famous Chollima" over the past year. According to CrowdStrike, Famous Chollima's criminal activities in 2025 surged to twice the level of the previous year.


North Korea-linked international hacking crime group 'Famous Chollima'. (Image: CrowdStrike)

Famous Chollima uses a variety of hacking techniques. Among these, it was found to frequently employ social engineering attacks, meaning hacking crimes in which members infiltrate an organization directly and disrupt systems from the inside. For example, they pose as legitimate recruiters, approach software developers, and under the pretext of conducting hiring assessments, lure them into downloading malicious code.


In particular, Famous Chollima has been actively using generative AI since last year. AI is used to create fake resumes, produce interview videos using deepfakes, and fabricate false identities. By employing these methods, Famous Chollima attempted intrusions and hacking attacks against roughly 300 or more companies.


Another North Korea-linked hacker group, "Pressure Chollima," directly attacked a software supply chain in February last year and succeeded in obtaining criminal proceeds of 1.46 billion dollars (about 2.1 trillion won). Pressure Chollima stole software developers' access credentials related to development work, then abused those credentials to directly infiltrate the systems of the virtual asset exchange Bybit. They then transferred the exchange's virtual assets to their own crypto wallets.


CrowdStrike warned, "North Korea-linked hacking groups are highly likely to continue their activities this year with priorities on collecting military intelligence, stealing virtual assets, and generating revenue," adding, "Global fintech companies, tech companies, and defense-related firms are likely to become targets."


© The Asia Business Daily(www.asiae.co.kr). All rights reserved.

