North Korean cyber units are now leveraging advanced artificial intelligence tools to scan codebases, detect vulnerabilities, and execute sophisticated attacks across multiple blockchain networks, according to a recent report cited by CoinDesk.
These AI systems are automating reconnaissance, phishing, and money laundering — enabling small, highly efficient groups to operate with unprecedented precision.
“AI is the best tool I’ve ever had as a white-hat hacker,” said Costas Cryptos Chalkias, co-founder and chief cryptographer at Mysten Labs. “You can only imagine what happens when it’s in the wrong hands.”
AI Becomes the New Cyber Weapon
Pyongyang’s hacking divisions, which have already stolen around $2 billion in crypto assets this year, are now integrating large language models (LLMs) into nearly every phase of their operations — from reconnaissance and phishing to code analysis and laundering stolen funds.
According to Chalkias, AI eliminates the need for large teams of expert developers:
“You no longer need dozens of skilled engineers to find vulnerabilities in blockchain or smart contract code. AI can do it faster — and with terrifying accuracy.”
Record-Breaking Thefts Led by AI
The infamous Lazarus Group, North Korea’s elite hacking unit, reportedly carried out the $1.5 billion Bybit breach, which the FBI called the largest crypto hack in history.
This year’s key difference is automation. By using ChatGPT-like and Claude-style models, attackers can analyze open-source blockchain code, identify weak points, and reuse successful exploits across multiple ecosystems.
“AI can correlate past breach data and instantly pinpoint the same flaws in other projects,” Chalkias noted. “A human could never manually scan thousands of smart contracts — AI can do it in minutes.”
What was once a small state-backed hacker group has now become a digital industrial complex. One simple prompt can scale an entire cyberattack, experts warn.
Microsoft and Mandiant researchers have also reported a surge in AI-driven phishing, deepfakes, and fake job applications — all traced back to North Korean networks posing as Western developers.
Pattern-recognition algorithms now allow attackers to automatically track liquidity routes through mixers and OTC brokers, efficiently hiding transaction trails.
Quantum Threats: Still Distant, But Approaching
For years, the crypto industry viewed quantum computing as its ultimate security threat — one that could potentially crack SHA-256 and expose millions of dormant bitcoins.
However, Chalkias believes those fears are still premature:
“There’s no evidence that any existing or classified computer can break modern cryptography — we’re at least a decade away from that.”
He praised U.S. and EU agencies such as NSA and ENISA for proactively promoting quantum-resistant encryption standards. Mysten Labs, the developer of Sui, is already working on tools that would allow users to migrate assets into quantum-safe wallets when the time comes.
Still, Chalkias cautioned that AI could accelerate the arrival of quantum breakthroughs by helping design new materials and error-correction methods:
“The fusion of AI and quantum tech truly scares me — we’ve created a new species, and we can’t predict its evolution.”
AI Changes Everything — Right Now
While quantum threats remain theoretical, artificial intelligence is already reshaping cybersecurity at lightning speed.
Decentralized finance (DeFi) platforms are particularly at risk due to their open-source nature:
“AI makes it trivial to detect recurring logic errors across protocols. If one oracle breaks, dozens may share the same flaw,” Chalkias explained.
He predicts that regulators will soon require AI-based audits for exchanges and smart contracts, especially after each major model update:
“Every new GPT or Claude release exposes fresh vulnerabilities,” he said.
Chalkias urged the industry to embed AI not just in offense but in defense:
“If we don’t build anti-AI protection into everything we do, we’ll always be one step behind.”
He advocates for integrating AI-driven security layers into wallets, custodial services, and trading platforms — ensuring continuous smart-contract auditing long before regulators mandate it.
North Korea’s Next Move
Western intelligence reports suggest that, beyond cybercrime, North Korea is also deploying AI for propaganda and disinformation campaigns.
Yet, Chalkias believes social engineering enhanced by AI will remain the regime’s main offensive tool:
“They don’t need quantum computing to break crypto,” he concluded. “They just need AI to make their attacks invisible.”
