In mid-July 2025, a novel campaign emerged in which cybercriminals weaponized generative AI to fabricate deepfake images of government IDs, embedding them within spear-phishing messages that bypassed traditional antivirus safeguards.
These emails impersonated military and security institutions, complete with convincing visual assets generated by ChatGPT.
Recipients were urged to review “draft” ID cards, triggering the download of malicious archives that executed obfuscated scripts.
The sophistication of this operation underscores a troubling evolution in adversary tactics, blending artificial intelligence with legacy evasion techniques to infiltrate sensitive networks.
.webp "Hackers Using Generative AI 'ChatGPT' to Evade Anti-virus Defenses 3")
The threat actor, attributed to the Kimsuky group, leveraging both AutoIt and PowerShell, delivered a multi-stage payload from South Korean C2 servers.
Initially, a compressed archive contained a shortcut file masquerading as a legitimate document.
.webp "Hackers Using Generative AI 'ChatGPT' to Evade Anti-virus Defenses 4")
When opened, this shortcut invoked a batch command via cmd[.]exe to assemble malicious instructions stored in an environment variable.
These commands drove a series of HTTP requests to retrieve a deepfake PNG file and a batch script, both of which executed immediately upon arrival.
Genians analysts identified that the batch script employed environment-variable slicing—extracting characters one at a time using expressions like "% ab901ab [:] ~ 7,1 %"—to reconstruct the commands required for payload deployment.
This technique not only conceals malicious intent from signature-based engines but also evades heuristic detection by delaying visible actions until the full command string is built.
Metadata within the downloaded image confirmed its AI-generated origin, flagging it as a deepfake with 98% probability when analyzed through a specialized detector.
Despite its reliance on advanced AI heuristics, the campaign still hinged on classic persistence and obfuscation strategies.
Victims’ machines registered scheduled tasks under the guise of legitimate software updates, ensuring the payload ran at regular intervals.
The combined use of generative-AI assets and automated scripting created a hybrid threat that challenges conventional antivirus products.
Security teams must therefore augment their defenses with behavioral analysis and endpoint detection and response (EDR) solutions capable of monitoring script activity and scheduled-task creation in real time.
Infection Mechanism
The initial wave began with a spear-phishing email disguised as a draft review of government ID cards.
Recipients clicking the link received a ZIP archive named Government_ID_Draft[.]zip containing Government_ID_Draft[.]lnk.
This shortcut launched cmd[.]exe with a long string assigned to an environment variable, then leveraged character slicing to rebuild the malicious PowerShell command dynamically.
Upon reconstruction, the script fetched two payloads: a deepfake PNG file rendered by ChatGPT and an accompanying batch script.
.webp "Hackers Using Generative AI 'ChatGPT' to Evade Anti-virus Defenses 5")
The batch script then created a scheduled task named "HncAutoUpdateTaskMachine", disguised as a Hancom Office update, to execute HncUpdateTray[.]exe and its accompanying config[.]bin on a seven-minute interval.
Obfuscation persisted within the AutoIt-compiled script, which used a variation of the Vigenère cipher to encrypt configuration strings and hinder static analysis.
This layered approach to infection and persistence illustrates a new level of adversary innovation, integrating generative AI with traditional malware delivery pipelines.
Boost your SOC and help your team protect your business with free top-notch threat intelligence: Request TI Lookup Premium Trial.
Source link
