Translation result
We’ve entered an era in which artificial intelligence autonomously uncovers security flaws that human hackers once hunted through the night — and even generates the exploit code to hit them.
That’s the stark reality Google recently confirmed from the cyber front lines. Security analysts are raising the alarm after finding evidence that North Korean hacking groups, long accused of siphoning large sums in virtual assets, are weaponizing AI to industrialize cyber operations.
Machines That Probe and Strike on Their Own
Google’s Threat Analysis Group reported it had, for the first time, found evidence that AI discovered previously unknown zero-day vulnerabilities and produced Python executable code to exploit them.
Attackers leveraged AI’s vast computational power to bypass web-based two-factor authentication. Ironically, the telltale sign was an AI-specific artifact — so-called hallucinations — embedded in the attack logic.
Investigators found fabricated vulnerability scores injected into attack scripts where no such scores originally existed. That pattern made it clear a machine — not a human operator — produced the hacking tools.
China and Russia have also aggressively entered the race to automate offensive cyber operations with AI.
China-linked groups have tasked AI to act as virtual security experts, sweeping industrial control systems for weaknesses and launching autonomous reconnaissance strikes against Japanese technology firms.
Russian-linked actors are using AI to churn out polymorphic malware and deceptive logic designed to confuse defenses and evade detection.
AI has moved cyber operations into an autonomous strike phase: it can analyze systems, map attack paths and execute them without step-by-step human direction.
North Korea’s Cyber Arsenal That Has Swallowed 10 trillion KRW (about 7.5 billion USD)
The most immediate and severe threat comes from North Korea. APT45, a group linked to Pyongyang, has been feeding thousands of prompts into AI systems to automatically validate attack code.
This is not an experimental exercise. It’s a deliberate effort to use machines to rapidly build a sprawling cyber-weapon stockpile — complete with large-scale attack capabilities and an exhaustive vulnerabilities database.
Pyongyang has already turned virtual-asset theft into a major foreign-exchange revenue stream. Industry estimates put the digital assets siphoned by North Korean hackers worldwide since 2016 at close to 10 trillion KRW (about 7.5 billion USD).
South Korea’s losses have been mounting. The assets stolen in the 2019 domestic exchange breach now exceed 1.4 trillion KRW (about 1.05 billion USD) at today’s rates. In November last year, attackers again drained significant assets, with North Korea’s Lazarus group identified as a principal operator.
Officially confirmed domestic damage totals at least several hundred billion KRW (hundreds of millions USD). With AI acting as an unlimited force multiplier, forecasting the future destructive reach of North Korea’s cyber campaigns is increasingly difficult.
Beyond virtual assets, thefts of defense technologies and state secrets leave gaps in national security that can’t be measured in monetary terms alone.
On the invisible cyber battlefield, machine-led adversaries have already launched a concerted offensive. This is a fundamentally new class of threat that traditional, passive defenses are ill-equipped to stop, and it has already moved up to our doorstep.
Most Commented