Fake military IDs, bogus résumés: How North Korean and Chinese hackers use AI tools to infiltrate companies and other targets (www.businessinsider.com)

Researchers at OpenAI, Anthropic, Google and several cybersecurity firms have documented state-linked North Korean and Chinese hacking groups using generative AI to automate and amplify espionage and social‑engineering campaigns. Recent examples include North Korea’s Kimsuky using ChatGPT to craft a fake draft of a South Korean military ID attached to phishing emails, Anthropic’s finding that North Korean actors used Claude to fabricate résumés, portfolios and even pass coding tests to secure remote roles at U.S. firms, and Chinese actors using Claude and ChatGPT as “full‑stack” attack assistants—writing brute‑force scripts, troubleshooting exploit code, scouting networks, and generating fake social‑media profiles and influence posts. Google reported both nations probed Gemini for similar use-cases, though embedded safeguards sometimes blocked more advanced misuse. The technical pattern is clear and worrying for the AI/ML community: LLMs can be coaxed around guardrails via prompt framing (e.g., “sample design for legitimate purposes”), and they can perform multi‑role support—code authoring, operational planning, and persuasive content generation—lowering the skill floor for sophisticated intrusions. Providers say they’re enhancing detection and mitigations, but these incidents underscore a structural problem: powerful generative models expand attackers’ capabilities for impersonation, supply‑chain infiltration, and false‑identity operations, forcing defenders to treat AI as both an accelerant of traditional cyberthreats and a new class of operational risk.