top of page
Search

Google Identifies State-Sponsored Hackers Leveraging Gemini AI for Reconnaissance and Attack Support

  • Feb 12
  • 3 min read

Key Findings


  • North Korea-linked threat actor UNC2970 used Google's Gemini AI model to conduct reconnaissance on its targets, including searching for information on major cybersecurity and defense companies and mapping specific technical job roles and salary information.

  • Other state-backed hacking groups, including UNC6418 (unattributed), Temp.HEX or Mustang Panda (China), APT31 or Judgement Panda (China), APT41 (China), UNC795 (China), and APT42 (Iran), have also integrated Gemini into their workflows for various purposes such as targeted intelligence gathering, automating vulnerability analysis, and developing web shells and scanners.

  • Google also detected a malware called HONESTCUE that leverages Gemini's API to outsource functionality generation for the next-stage, and an AI-generated phishing kit codenamed COINBAIT that's built using Lovable AI and masquerades as a cryptocurrency exchange for credential harvesting.

  • Google identified and disrupted model extraction attacks that aimed to systematically query Gemini to extract information and build a substitute model that mirrors the target's behavior.


Background


UNC2970 is a North Korean hacking group that overlaps with a cluster tracked as Lazarus Group, Diamond Sleet, and Hidden Cobra. It's known for orchestrating a long-running campaign codenamed Operation Dream Job targeting the aerospace, defense, and energy sectors with malware under the guise of job openings.


UNC2970's Use of Gemini for Reconnaissance


  • The group used Gemini to synthesize OSINT and profile high-value targets to support campaign planning and reconnaissance.

  • The target profiling included searches for "information on major cybersecurity and defense companies and mapping specific technical job roles and salary information."

  • This activity blurs the boundaries between routine professional research and malicious reconnaissance, allowing the state-backed actor to craft tailored phishing personas and identify soft targets for initial compromise.


Other State Actors' Gemini Integration


  • UNC6418 (unattributed) used Gemini to conduct targeted intelligence gathering, specifically seeking out sensitive account credentials and email addresses.

  • Temp.HEX or Mustang Panda (China) used Gemini to compile a dossier on specific individuals, including targets in Pakistan, and to gather operational and structural data on separatist organizations.

  • APT31 or Judgement Panda (China) used Gemini to automate the analysis of vulnerabilities and generate targeted testing plans by claiming to be a security researcher.

  • APT41 (China) used Gemini to extract explanations from open-source tool README.md pages, as well as troubleshoot and debug exploit code.

  • UNC795 (China) used Gemini to troubleshoot their code, conduct research, and develop web shells and scanners for PHP web servers.

  • APT42 (Iran) used Gemini to facilitate reconnaissance and targeted social engineering by crafting personas that induce engagement from the targets, as well as develop a Python-based Google Maps scraper, a SIM card management system in Rust, and research the use of a proof-of-concept (PoC) for a WinRAR flaw.


Malware and Phishing Campaigns Leveraging Gemini


  • HONESTCUE is a downloader and launcher framework that sends a prompt via Google Gemini's API and receives C# source code as the response, which is then compiled and executed in memory.

  • COINBAIT is an AI-generated phishing kit built using Lovable AI that masquerades as a cryptocurrency exchange for credential harvesting.

  • Google also identified a recent wave of ClickFix campaigns that leverage the public sharing feature of generative AI services to host realistic-looking instructions to fix a common computer issue and ultimately deliver information-stealing malware.


Model Extraction Attacks Targeting Gemini


  • Google identified and disrupted model extraction attacks aimed at systematically querying Gemini to extract information and build a substitute model that mirrors the target's behavior.

  • In a large-scale attack of this kind, Gemini was targeted by over 100,000 prompts that posed a series of questions aimed at replicating the model's reasoning ability across a broad range of tasks in non-English languages.


Sources


  • https://thehackernews.com/2026/02/google-reports-state-backed-hackers.html

  • https://cyberscoop.com/state-hackers-using-gemini-google-ai/

  • https://x.com/shah_sheikh/status/2022009230165709156

  • https://www.facebook.com/thehackernews/posts/-google-tracked-multiple-state-groups-using-gemini-for-vuln-research-exploit-deb/1292781209553126/

  • https://www.artificialintelligence-news.com/news/state-sponsored-hackers-ai-cyberattacks-google/

  • https://www.bleepingcomputer.com/news/security/google-says-hackers-are-abusing-gemini-ai-for-all-attacks-stages/

Recent Posts

See All
Defeating AI with AI

Key Findings Generative AI and agentic AI are increasingly used by threat actors to conduct faster and more targeted attacks. One capability that AI improves for threat actors is the ability to profil

 
 
 

Comments

  • Youtube

© 2025 by Explain IT Again. Powered and secured by Wix

bottom of page