The Kimsky Group used 'ChatGPT' in the attack. ID cards forged in deepfakes were used, and batches files and AutoIT scripts avoided security detection.
  • Emergence of APT attacks by the Kimsuky group using generative AI “ChatGPT”
  • Exploiting deepfake images of South Korean military agency ID cards to access ID issuance tasks
  • Attempts to evade anti-virus defenses through batch files and AutoIt scripts
  • Adoption of EDR is essential to detect obfuscated malicious scripts and ensure endpoint security