Kimsuky Group Leverages AI for Malware Targeting South Korean Government
ID: b074e779-a567-57dc-9df4-34347d24a5ee
STIX ID: report--b074e779-a567-57dc-9df4-34347d24a5ee
Feed Name: ThreatCluster
Kaspersky reported that the North Korean APT group Kimsuky is leveraging generative AI to produce malware, including a Rust-based backdoor named HelloDoor, and is using AppleSeed to target Government PKI (GPKI) certificates to gain unauthorized access to South Korean government systems. According to the report, the group also uses Visual Studio Code remote tunneling as an evasion technique. Infections were observed among military, government, and telecom personnel, prompting calls for improved detection and updated threat intelligence.
