How North Korea’s unstoppable hackers are weaponising AI

ChatGPT, DeepSeek and Google’s Gemini are among the AI models that North Korean hackers are exploiting for fraud, experts warn

Reading Time:3 minutes

North Korean hackers have already demonstrated how effective AI can be in furthering their schemes. Photo: Shutterstock

Published: 8:00am, 9 Mar 2025Updated: 12:20pm, 9 Mar 2025

In their relentless quest for foreign currency, North Korean cybercriminals have turned to artificial intelligence as a powerful new tool – one that analysts warn may be nearly impossible to block.

Despite efforts by major US-based AI companies, such as OpenAI and Google, to crack down on accounts linked to Pyongyang’s state-backed hackers, cybersecurity experts say these measures are unlikely to stem the tide.

Since late January, OpenAI, the creator of ChatGPT, and Google have announced measures to shut down accounts suspected of being tied to North Korean operatives. They have also revealed how their platforms have been manipulated for illicit purposes. But the regime’s hackers and scammers can easily bypass restrictions using virtual private networks, shell companies and brokers, industry insiders warn.

“Threat actors will use the cheapest and most efficient tool to get the job done,” Rafe Pilling, director of threat intelligence at the US-based cybersecurity firm Secureworks, told This Week in Asia.

“Many cybercriminals prefer online services that are free to sign up for or can be paid for via cryptocurrency. This would likely be true for North Korean IT workers as well.”

North Korean operatives need not rely solely on US-based AI tools like ChatGPT or Google Gemini, either. Analysts point out that cheaper, more accessible generative AI platforms are being developed worldwide – and some may offer fewer safeguards against misuse.