State-Sponsored Hackers Leverage Google’s Gemini AI for Enhanced Cyber Attacks
Security

State-Sponsored Hackers Leverage Google’s Gemini AI for Enhanced Cyber Attacks

UNC2970, a North Korean hacker group, is leveraging Google's AI model Gemini for targeted cyber reconnaissance on defense firms, blurring lines between research and malicious intent. Discover how this tactic escalates cyber threats.

Editorial
Editorial Staff
2 weeks ago 1 min read
NeboAI I summarize the news with data, figures and context
IN 30 SECONDS

35 sec read time You saved ~1 min
IN 1 SENTENCE

SENTIMENT
Neutral

𒀭
NeboAI is working, please wait...
Preparing detailed analysis
Quick summary completed
Extracting data, figures and quotes...
Identifying key players and context
DETAILED ANALYSIS
SHARE
Was this helpful?

NeboAI produces automated editions of journalistic texts in the form of summaries and analyses. Its experimental results are based on artificial intelligence. As an AI edition, texts may occasionally contain errors, omissions, incorrect data relationships and other unforeseen inaccuracies. We recommend verifying the content.

© NeboAI 2025 About Nebo

Google's Threat Intelligence Group (GTIG) reported that the North Korea-affiliated hacking group known as UNC2970 has been utilizing its generative AI model, Gemini, for reconnaissance activities. This development highlights a troubling trend as various hacking collectives exploit AI to enhance their cyber attack strategies, including information operations and model extraction.

UNC2970, linked to the notorious Lazarus Group, has focused on high-value targets within the cybersecurity and defense sectors. Their activities involved gathering data on technical job roles and salary information, which aids in crafting tailored phishing schemes. GTIG emphasized that this practice blurs the line between professional research and malicious intent.

Additionally, other threat actors have similarly adopted Gemini to refine their tactics. For instance, UNC6418 has employed the tool for targeted intelligence collection, while Temp.HEX has used it to create profiles on individuals in Pakistan. Meanwhile, APT31 has automated vulnerability analysis and developed targeted testing plans.

Tags: google unc2970 gemini ai cyber attacks north korea cybersecurity
Want to read the full article? Access the original article with all the details.
Read Original Article
TL;DR

This article is an original summary for informational purposes. Image credits and full coverage at the original source. · View Content Policy

Editorial
Editorial Staff

Our editorial team works around the clock to bring you the latest tech news, trends, and insights from the industry. We cover everything from artificial intelligence breakthroughs to startup funding rounds, gadget launches, and cybersecurity threats. Our mission is to keep you informed with accurate, timely, and relevant technology coverage.

4442 articles →

Related Articles

Data Breach Exposes Sensitive Client Information, Harming Odido's Reputation

Iranian State TV Faces Major Blackout After Alleged Trump-Netanyahu Hack

BCE's $1M Cybersecurity AI Push Aims to Secure $37.38 Fair Value Amid Rising Threats

Family devastated as police arrest boyfriend in brutal NYC murder of mother and son

India's ₹20,000 Crore Deepfake Fraud Losses Highlight Urgent Need for Cybersecurity Measures

Offline Open Source Tool Offers Enhanced Security for Password Management Users

AI Innovations Transform Warehouse Security, Cutting Threats and False Alarms Significantly

Apple's Handling of Spam Reports Raises Privacy Concerns Among Users

Airline's lawsuit against pilots raises questions about data access and union rights
Press Enter to search or ESC to close