![A North Korean flag flutters at the propaganda village of Gijungdong in North Korea, in this picture taken near the truce village of Panmunjom inside the demilitarized zone (DMZ) in South Korea on July 19, 2022. [REUTERS]](https://www.koreadailyus.com/wp-content/uploads/2025/09/0915-NorthKoreanflag.jpg)
A North Korean hacking group attempted to use fake IDs built with AI-generated deepfake photos in cyberattacks against South Korean targets, marking one of the first confirmed cases of AI being weaponized for identity fraud in the South, a South Korean security firm said on September 15.
Deepfakes in phishing attempts
Genians, a South Korean cybersecurity company, revealed in a report on September 15 that the Kimsuky group, believed to be backed by Pyongyang, tried to launch hacking attempts in South Korea in July using deepfake images created with generative AI. Investigators traced how the hackers generated fake profile photos with ChatGPT and used them to fabricate a military employee ID.
Although models such as ChatGPT block direct requests for ID creation, the hackers evaded safeguards by using prompts designed to exploit loopholes in the system.
They then attached the forged images to phishing emails titled “Request for ID card draft review” and used a deceptive domain, “mli.kr,” that mimicked the official South Korean military address “mil.kr.”
Targeting researchers and journalists
Kimsuky also targeted civilian researchers and journalists specializing in North Korea in July. The group sent emails that appeared to introduce a new AI tool for managing email accounts, but actually contained malware.
The case confirmed that hackers in South Korea are now using AI-generated fake identities and photos in cyberattacks.
![A ChatGPT logo is seen in this illustration taken on Jan. 22. [REUTERS]](https://koreajoongangdaily.joins.com/data/photo/2025/09/15/716aeb80-7c35-408a-b489-41189687b7ea.jpg)
Genians’ report stated that its analysis of technical indicators, such as malware and infrastructure, combined with contextual signs like targets, language patterns and past activity, revealed that “multiple deepfake cases correlated with threat indicators previously linked to the Kimsuky group.”
AI in global hacking efforts
AI-driven hacking attempts are on the rise worldwide, according to IT industry sources.
In August, Anthropic reported that North Korean hackers utilized its AI model, Claude, to fraudulently secure remote jobs at Fortune 500 technology firms. This involved creating fake credentials and receiving coding assistance during the application process.
OpenAI also said in June that North Korean hackers had generated fake résumés and cover letters using AI in an attempt to create false identities for cyber operations.
BY KIM MIN-JEONG [paik.jihwan@joongang.co.kr]
![Delivery robots in urban areas including LA Koreatown and Hollywood have been involved in a string of incidents, blocking fire engine responses, crossing police lines at active scenes, and colliding with homes and motorcycles. [KTLA • Reddit capture]](https://www.koreadailyus.com/wp-content/uploads/2026/02/0226-delivery-robot-compile-100x70.jpg "Troublesome delivery robots damage gardens, snarl streets")
![Judy Baca, who faces allegations of embezzling $5 million, participates in work on “The Great Wall of Los Angeles” mural in 2023. [Sangjin Kim, The Korea Daily]](https://www.koreadailyus.com/wp-content/uploads/2026/02/0226-nonprofit-1-100x70.jpg "Nonprofit leaders accused of diverting millions meant for the vulnerable")
![A screenshot of the GoFundMe fundraising page created for Kyung Chang Lee. Donations are being collected to support the family of Lee, who was killed in the San Antonio, Texas, shooting. [GoFundMe capture]](https://www.koreadailyus.com/wp-content/uploads/2026/02/0225-KyungChangLee-100x70.jpg "Family of army veteran killed in San Antonio shooting launches fundraiser")
![Downtown Guadalajara in Mexico’s state of Jalisco, which resembled a war zone on February 22 amid arson and other violence by drug cartel members, appears quiet on February 24. The area, usually crowded with tourists and residents, saw a sharp decline in foot traffic and public transportation use. [Pablo Lemus Navarro/X account]](https://www.koreadailyus.com/wp-content/uploads/2026/02/0225-Mexico-100x70.jpg "Cartel leader’s killing sparks unrest, prompts Koreans to reconsider Mexico trips")
