Google Identifies Malware Using AI to Target Crypto Assets

Google’s Threat Intelligence Group warns of UNC1069 hackers leveraging AI models like Gemini for dynamic malicious code generation against crypto wallets and exchange employees.

Summary

Google’s Threat Intelligence Group reported that North Korea-linked UNC1069 is using AI models such as Gemini to dynamically generate malicious code targeting cryptocurrency wallets and staff at exchanges. Newly identified tools PROMPTFLUX and PROMPTSTEAL integrate AI to enhance stealth in these attacks.

Terms & Concepts
  • Large Language Model (LLM): An AI system trained on vast amounts of text to understand and generate human-like language.
  • UNC1069: A cyber threat group linked to North Korea, identified by Google’s Threat Analysis Group.
  • PROMPTFLUX: An AI-enabled attack tool used to dynamically generate malicious code with enhanced stealth.