AI Tools Are Helping Mediocre North Korean Hackers Steal Millions
ID: 32ec4e98-17c0-5b9d-a495-a571abdb01bb
STIX ID: report--32ec4e98-17c0-5b9d-a495-a571abdb01bb
Feed Name: WIRED Security
Expel disclosed a North Korean state-sponsored operation, HexagonalRodent, that leveraged AI tools (including OpenAI, Cursor, and Anima) to generate phishing sites, malware-laced coding tests, and other infrastructure targeting crypto/NFT/Web3 developers; the campaign infected more than 2,000 machines and may have facilitated up to $12 million in stolen cryptocurrency while also leaving parts of its infrastructure exposed.
