Adversarial Misuse of Generative AI

2025-01-29 • Google •

https://cloud.google.com/blog/topics/threat-intelligence/adversarial-misuse-generative-ai

#APT43 #ITWorker

Thumbnail for Adversarial Misuse of Generative AI

Google Threat Intelligence Group examined how government-backed APT and information-operations actors attempted to use Gemini for operational support. The source says actors used the tool mainly for research, troubleshooting, content generation, localization, infrastructure research, reconnaissance, vulnerability research, payload development, and scripting assistance. GTIG did not observe novel AI-enabled attack techniques or successful prompt attacks, and it says Gemini did not produce malware or other content that could plausibly enable a successful malicious campaign in the reviewed activity.

Related Actors

APT43

Mandiant

Kimsuky

First seen: Mar 2023

Last seen: May 2026

Related Reports

2025-02-12 • 90% Match

Cybercrime: A Multifaceted National Security Threat

Google

#Trend #APT38 #APT43 #UNC4899 #UNC3782 #UNC1069 #ITWorker #APT45

Shares tags: APT43, ITWorker • Same author: Google • Published within a month

2025-05-14 • 65% Match

Exposing DPRK’s Cyber Underworld

Dtex Systems

#Whitepaper #Konni #TraderTraitor #APT37 #AppleJeus #CryptoCore #TEMP.Hermit #APT43 #RubySleet #ITWorker #MoonstoneSleet #APT45 #GwisinGang

Shares tags: APT43, ITWorker

2025-02-12 • 60% Match

APT PROFILE – APT43

Cyfirma

#APT43 #T1102.002 #T1082 #T1059.003 #T1567.002 #T1140 #T1005 #T1070.004 #T1587.001 #T1041 #T1608.001 #T1071.001 #T1112 #T1083 #T1056.001 #T1059.006 #T1204.001 #T1059.007 #T1036 #T1027 #T1204.002 #T1566.002 #T1555.003 #T1057 #T1059.005 #T1583.006 #T1518.001 #T1566.001 #T1547.001 #T1585.002 #T1053.005 #T1598.003 #T1583.001 #T1059.001 #T1036.005 #T1552.001 #T1585.001 #T1105 #T1219 #T1055 #T1553.002 #T1562.001 #T1027.002 #T1133 #T1190 #T1098 #T1016 #T1074.001 #T1588.002 #T1055.012 #T1587 #T1078.003 #T1071.002 #T1562.004 #T1550.002 #T1111 #T1071.003 #T1591 #T1003.001 #T1218.011 #T1593.002 #T1586.002 #T1588.005 #T1583.004 #T1036.004 #T1589.003 #T1594 #T1218.010 #T1557 #T1593.001 #T1218.005 #T1589.002 #T1584.001 #T1070.006 #T1021.001 #T1560.001 #T1176 #T1136.001 #T1543.003 #T1012 #T1534 #T1560.003 #T1007 #T1564.003 #T1114.003 #T1114.002 #T1564.002 #T1040 #T1546.001 #T1505.003

Shares tag: APT43 • Published within a month

2024-10-03 • 45% Match

Unmasking DarkPlum: inside the operations of DPRK's elite cyber espionage group

NTTSecurity

#Cryptocurrency #Kimsuky #Phishing #APT43 #Government #Espionage #Defense #DarkPlum

Shares tag: APT43

2026-05-14 • 40% Match

Disclosing new PebbleDash-based tools by Kimsuky

Kaspersky

#Kimsuky #Phishing #AppleSeed #PebbleDash #BlackBanshee #VelvetChollima #GitHub #ADS #APT43 #RubySleet #Springtail #HappyDoor #JSE #SparklingPisces #HttpTroy #VSCode #T1059.003 #T1005 #T1041 #T1113 #T1071.001 #T1056.001 #T1027 #T1566.001 #T1547.001 #T1053.005 #T1059.001 #T1105 #T1219 #T1543.003

Shares tag: APT43

2025-11-12 • 40% Match

Inside The Shellcode Dissecting North Korean Apt43s Advanced Powershell Loader

Bloo

#APT43

Shares tag: APT43

« Back