Artificial intelligence tools help ordinary North Korean hackers steal millions


The arrival of AI hacking tools has raised fears about a near future in which anyone can use automated tools to look for exploitable vulnerabilities in any piece of software, like some kind of digital hacking superpower. For now, however, AI seems to play a more mundane, if still worrying, role in the hacker’s toolkit: it helps average hackers scale up and execute large-scale, effective malware campaigns. This includes one group of relatively unskilled North Korean cybercriminals who were discovered using artificial intelligence to carry out almost every part of an operation that hacked thousands of victims to steal their cryptocurrency.

Cybersecurity firm Expel on Wednesday revealed what it describes as a North Korean state-sponsored cybercrime operation that installed credential-stealing malware on more than 2,000 computers, specifically targeting the devices of developers working on small cryptocurrency launches, NFT creation, and Web3 projects. Using AI tools from US-based companies including OpenAI, Cursor, and Anima, the hacking group, which Expel calls HexagonalRodent, was able to “vibe code” almost every part of the hacking campaign, from writing malware to creating fake websites for companies used in phishing schemes. This AI-powered hacking allowed the group to steal up to $12 million in cryptocurrency from victims in three months.

Marcus Hutchins, the security researcher who discovered the group, says what’s most surprising about the HexagonalRodent hacking campaign is not its sophistication, but how artificial intelligence tools allowed a seemingly unsophisticated group to carry out a lucrative theft spree in the service of the North Korean state.

“These operators don’t have the skills to write code,” says Hutchins, who became well-known in the cybersecurity community after disabling the WannaCry ransomware created by North Korean hackers. “They don’t have the skills to build the infrastructure. AI actually enables them to do things they wouldn’t have been able to do otherwise.”

Scattered emojis, code written by AI

The HexagonalRodent hackers focused on scamming cryptocurrency developers with fraudulent job offers at tech companies, going so far as to create entire websites for fake companies recruiting victims, often built using AI-based web design tools. Eventually, the victim was told they would have to download and complete a coding task as a test, which the hackers used to infect them with malware that infiltrated their devices and stole credentials, including ones that in some cases could grant access to the keys that control their cryptocurrency wallets.

These parts of the hacking operation appear to have been well polished and effective, but the hackers were also clumsy enough to leave parts of their infrastructure insecure, leaking the prompts they used to write their malware with tools including OpenAI’s ChatGPT and Cursor. They also exposed a database where they tracked victims’ wallets, allowing Expel to estimate the total amount of cryptocurrency the hackers may have stolen. (Although the contents of these wallets added up to $12 million in total, Hutchins says the company could not confirm for each target whether the full amount had already been drained from the wallets or whether the hackers would still need to obtain the keys to victims’ wallets in some cases, since some may be protected by hardware security codes.)

Hutchins also analyzed samples of the malware created by the hackers and found other evidence suggesting it was created largely, and perhaps entirely, using artificial intelligence. The code was carefully annotated with comments, in English, which is hardly the typical coding habit of North Koreans, despite the fact that some of the malware’s command-and-control servers linked it to known hacking operations in North Korea. The malware’s code was also full of emojis, which Hutchins points out could in some cases serve as evidence that the software was written with a large language model, since programmers who type on a computer keyboard rather than a phone rarely take the time to include emojis. “It’s a well-documented sign of code written by AI,” Hutchins says.
