• Technology

    North Korean hackers generate fake South Korean military ID using ChatGPT

    AnyFans Posted on

    By Sead Fadilpašić

    Copyright techradar

    North Korean hackers generate fake South Korean military ID using ChatGPT

    Skip to main content

    Tech Radar Pro

    Tech Radar Gaming

    Close main menu

    the business technology experts

    België (Nederlands)

    Deutschland

    North America

    US (English)

    Australasia

    New Zealand

    View Profile

    Search TechRadar

    Expert Insights

    Website builders

    Web hosting

    Best web hosting
    Best office chairs
    Best website builder
    Best antivirus
    Expert Insights

    Don’t miss these

    Microsoft warns North Korean hackers are expanding fake job schemes – as Feds announce further crackdown

    Researcher tricks ChatGPT into revealing security keys – by saying “I give up”

    When the insider Is the adversary: North Korea’s remote work espionage campaign

    Hackers are now mimicking government websites using AI – everything you need to know to stay safe

    Experts warn this top GenAI tool is being used to build phishing websites

    Watch out AI fans – cybercriminals are using jailbroken Mistral and Grok tools to build powerful new malware

    Asking ChatGPT to help with your security qualms could be putting your data at serious risk

    Criminals and scammers are using hacked websites and expired domain names to ‘poison’ ChatGPT with spammy recommendations – here’s how to stay safe

    Notorious North Korean hacking group Kimsuky gets hacked itself – revealing some of its deepest secrets

    Cybercriminals are abusing LLMs to help them with hacking activities

    OpenAI is reportedly upping security following rumored foreign threats

    Google Gemini can be hijacked to display fake email summaries in phishing scams

    ChatGPT Agent shows that there’s a whole new world of AI security threats on the way we need to worry about

    ChatGPT and other AI tools could be putting users at risk by getting company web addresses wrong

    SMBs are being hit by malicious productivity tools – Zoom and ChatGPT spoofed by hackers

    North Korean hackers generate fake South Korean military ID using ChatGPT

    Sead Fadilpašić

    16 September 2025

    The GenAI tool was tricked into generating the ID, researchers said

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

    (Image credit: Shutterstock)

    North Korean hackers used ChatGPT to generate a fake military ID for spear-phishing South Korean defense institutions
    Kimsuky, a known threat actor, was behind the attack and has targeted global policy, academic, and nuclear entities before
    Jailbreaking AI tools can bypass safeguards, enabling creation of illegal content like deepfake IDs despite built-in restrictions

    North Korean hackers managed to trick ChatGPT into creating a fake military ID card, which they later used in spear-phishing attacks against South Korean defense-related institutions.

    The South Korean security institute, Genians Security Center (GSC), reported the news and have obtained a copy of the ID and analyzed its origin.
    As per Genians, the group behind the fake ID card is Kimsuky – a known, infamous state-sponsored threat actor, responsible for high-profile attacks such as the ones at Korea Hydro & Nuclear Power Co, the UN, and various think tanks, policy institutes, and academic institutions across South Korea, Japan, the United States, and other countries.

    You may like

    Microsoft warns North Korean hackers are expanding fake job schemes – as Feds announce further crackdown

    Researcher tricks ChatGPT into revealing security keys – by saying “I give up”

    When the insider Is the adversary: North Korea’s remote work espionage campaign

    Tricking GPT with a “mock-up” request
    Generally, OpenAI and other companies building Generative AI solutions have set up strict guardrails to prevent their products from generating malicious content. As such, malware code, phishing emails, instructions on how to make bombs, deepfakes, copyrighted content, and obviously – identity documents – are off limits.

    However, there are ways to trick the tools into returning such content, a practice generally known as “jailbreaking” large language models. In this case, Genians says the headshot was publicly available, and the criminals likely requested a “sample design” or a “mock-up”, to force ChatGPT into returning the ID image.
    “Since military government employee IDs are legally protected identification documents, producing copies in identical or similar form is illegal. As a result, when prompted to generate such an ID copy, ChatGPT returns a refusal,” Genians said. “However, the model’s response can vary depending on the prompt or persona role settings.”
    “The deepfake image used in this attack fell into this category. Because creating counterfeit IDs with AI services is technically straightforward, extra caution is required.”

    Are you a pro? Subscribe to our newsletter
    Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
    Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.
    The researchers further explained that the victim was a “South Korean defense-related institution” but did not want to name it.
    Via The Register
    You might also like

    Google says hackers stole some of its data following Salesforce breach
    Take a look at our guide to the best authenticator app
    We’ve rounded up the best password managers

    Sead Fadilpašić

    Social Links Navigation

    Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

    You must confirm your public display name before commenting

    Please logout and then login again, you will then be prompted to enter your display name.

    Microsoft warns North Korean hackers are expanding fake job schemes – as Feds announce further crackdown

    Researcher tricks ChatGPT into revealing security keys – by saying “I give up”

    When the insider Is the adversary: North Korea’s remote work espionage campaign

    Hackers are now mimicking government websites using AI – everything you need to know to stay safe

    Experts warn this top GenAI tool is being used to build phishing websites

    Watch out AI fans – cybercriminals are using jailbroken Mistral and Grok tools to build powerful new malware

    Latest in Security

    Bags of info stolen from multiple top luxury brands – double check your data now

    Google confirms hackers created their own account in sensitive law enforcement portal

    Chinese malware is flooding GitHub pages – HiddenGh0st, Winos and kkRAT hit devs via SEO poisoning

    CISA blasted by US watchdog for wasting funds and retaining the wrong employees

    Researchers uncover huge IPTV piracy network spanning 1,000 domains and 10,000 IP addresses – here’s what you need to know

    It doesn’t take a genius to be a cybercriminal – and open source ransomware is making it easier than ever

    Latest in News

    TechRadar Choice Awards 2025: Fitness & Home Tech categories – vote for your winners now!

    How to watch Love Island Games season 2 online and for FREE from anywhere

    TikTok to be saved in the US as Trump confirms a deal with China ahead of upcoming ban

    OpenAI reveals biggest-ever study of how people are using ChatGPT – here are 3 things we’ve learned

    TechRadar Choice Awards 2025: TV, Streaming & Audio categories – vote for your winners now!

    Adobe Stock celebrates 10th birthday with pay out for contributors and one long-awaited update I think creators will love

    LATEST ARTICLES

    Hallmark+’s biggest Halloween and Christmas movies of 2025 will have ‘a different flavor’, and I cannot wait

    North Korean hackers generate fake South Korean military ID using ChatGPT

    TechRadar’s best camera of 2025 is back down to a record-low price with this tariff-defying deal

    TechRadar Choice Awards 2025: Fitness & Home Tech categories – vote for your winners now!

    TechRadar Choice Awards 2025: TV, Streaming & Audio categories – vote for your winners now!

    TechRadar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.

    Contact Future’s experts

    Terms and conditions

    Privacy policy

    Cookies policy

    Advertise with us

    Web notifications

    Accessibility Statement

    Future US, Inc. Full 7th Floor, 130 West 42nd Street,

    Please login or signup to comment

    Please wait…

    You Might Also Like