North Korean threat groups are leveraging artificial intelligence (AI) tools to significantly accelerate and expand their long-running operations. These schemes involve infiltrating global companies by securing long-term employment as remote technical workers, according to a recent report from Microsoft Threat Intelligence.
The report details how AI services are acting as a potent “force multiplier,” empowering North Korean operatives across every stage of the attack lifecycle. This includes enhancing their capabilities in target research, the development of malicious resources, gaining and maintaining access to systems, evading detection, and weaponizing tools for attacks and subsequent post-compromise activities.
North Korean Threat Groups Amplify Operations with AI
Microsoft’s analysis points to a trio of North Korean threat groups – identified as Coral Sleet, Sapphire Sleet, and Jasper Sleet – that are actively employing AI. These groups are utilizing the technology to drastically reduce the time required to create convincing digital personas for specific job markets and roles. Their common entry vectors often involve exploiting financial opportunities or using interview-themed lures to gain initial access into organizations.
Persona Development and Lure Sophistication
Jasper Sleet, for instance, is reportedly using generative AI to scour job postings on platforms like Upwork. This allows them to identify in-demand skills and experience requirements, which then enables them to craft fake personas that closely align with targeted job roles. This meticulous approach to profile building increases the likelihood of their deceptive applications being accepted by hiring managers.
Furthermore, threat actors are significantly enhancing the scale and sophistication of their social engineering and initial access operations. This is achieved through the creation of AI-generated media for impersonation and the use of real-time voice modulation. These techniques make their deceptive communications far more convincing and harder to recognize as fraudulent.
North Korean threat groups have been observed using AI services to generate lures that convincingly mimic internal communications. Critically, these AI-generated messages exhibit native fluency in multiple languages, making it difficult for recipients to suspect their origin.
“These technologies enable threat actors to craft highly tailored, convincing lures and personas at unprecedented speed and volume, which lowers the barrier for complex attacks to take place and increases the likelihood of successful compromise,” stated the researchers in their report. This amplified efficiency allows for more frequent and larger-scale operations.
Maintaining Access and Post-Compromise Activities
Microsoft has also documented Jasper Sleet’s use of AI applications like Faceswap. This tool is employed to superimpose the faces of North Korean IT workers onto stolen identity documents. In some instances, the same AI-generated photograph has been reused across multiple fabricated personas, indicating a systematic approach to identity deception.
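A detection check for the photo-reuse pattern just described, added here as an example and not taken from the Microsoft report or the article: a pure-Python average hash (aHash) over applicant photos, so that the same picture resurfacing under a second persona is flagged even after brightening or re-saving. The applicant records and the 16x16 "photos" are constructed stand-ins.

```python
from itertools import combinations

HASH_SIDE = 8  # aHash compares an 8x8 downsampled image as one 64-bit value


def average_hash(pixels):
    """pixels: square grid (list of rows) of 0-255 grayscale values, side a multiple
    of 8. Block-average down to 8x8, then set one bit per cell above the mean, so a
    uniform brightness change or re-encoding leaves the hash almost unchanged."""
    n = len(pixels)
    block = n // HASH_SIDE
    cells = []
    for by in range(HASH_SIDE):
        for bx in range(HASH_SIDE):
            total = sum(pixels[y][x]
                        for y in range(by * block, (by + 1) * block)
                        for x in range(bx * block, (bx + 1) * block))
            cells.append(total / (block * block))
    mean = sum(cells) / len(cells)
    bits = 0
    for value in cells:
        bits = (bits << 1) | (1 if value > mean else 0)
    return bits


def hamming(h1, h2):
    """Number of differing bits; a small distance means near-identical pictures."""
    return bin(h1 ^ h2).count("1")


def find_reused_photos(applicants, max_distance=6):
    """applicants: {persona_name: pixels}. Returns sorted persona pairs whose photo
    hashes lie within max_distance bits, i.e. one picture behind two identities."""
    hashes = {name: average_hash(px) for name, px in applicants.items()}
    return sorted((a, b) for a, b in combinations(sorted(hashes), 2)
                  if hamming(hashes[a], hashes[b]) <= max_distance)


def gradient_photo(horizontal=True, brightness=0):
    """Constructed 16x16 stand-in for a portrait: a gradient, optionally brightened
    to mimic the same file being re-exposed or re-saved for a second persona."""
    return [[(x if horizontal else y) * 12 + brightness for x in range(16)]
            for y in range(16)]


# Constructed applicant records, not real data: B reuses A's picture, C is unrelated.
CONSTRUCTED_APPLICANTS = {
    "persona_A": gradient_photo(horizontal=True),
    "persona_B": gradient_photo(horizontal=True, brightness=20),
    "persona_C": gradient_photo(horizontal=False),
}

if __name__ == "__main__":
    print(find_reused_photos(CONSTRUCTED_APPLICANTS))  # [('persona_A', 'persona_B')]
```

In practice the grids would come from decoded applicant images (for example via Pillow), and a match should trigger manual identity review rather than automatic rejection.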
Once an operative is successfully hired by a victim organization, Jasper Sleet continues to leverage AI-enabled communications. The goal is to evade detection and sustain long-term employment within the compromised network. Microsoft has observed North Korean remote IT workers using AI tools to draft professional responses to queries, answer technical questions, and generate code snippets. This helps them meet performance expectations in unfamiliar technical environments and avoid raising suspicion.
Beyond initial access and sustainment, North Korean threat groups are also using AI to refine their post-compromise activities. This automation reduces the time and expertise required for critical decision-making within compromised systems. AI-powered tasks accelerate the analysis of unfamiliar network environments, identify viable paths for lateral movement across the network, and enable operatives to blend in with legitimate user activity.
Additional AI-driven post-compromise activities include escalating privileges, locating and exfiltrating sensitive records or credentials, and actively analyzing security controls to minimize the risk of detection. This comprehensive application of AI across the attack chain demonstrates a significant evolution in their modus operandi.
The Shift Towards Agentic AI
While generative AI currently accounts for most AI-related threat activity, Microsoft notes that a transition towards agentic AI is underway. Agentic AI refers to AI systems capable of acting semi-autonomously to achieve goals.
“For threat actors, this shift could represent a meaningful change in tradecraft by enabling semi‑autonomous workflows that continuously refine phishing campaigns, test and adapt infrastructure, maintain persistence, or monitor open‑source intelligence for new opportunities,” the researchers wrote in the report. This hints at future capabilities developing in the threat landscape.
Microsoft has not yet observed large-scale use of agentic AI by threat actors, largely due to ongoing reliability and operational constraints. However, the report warns that ongoing experiments illustrate the significant potential agentic AI systems pose for enabling more advanced and damaging cyber activities in the future.
The next steps involve continued monitoring by cybersecurity firms like Microsoft to track the adoption and refinement of AI tools by North Korean threat groups. Organizations should remain vigilant for increasingly sophisticated social engineering tactics and advanced persistent threats. The observed transition to agentic AI introduces an unknown variable, and further research will be crucial in understanding its full impact on cybersecurity defenses.