More AI malware has been found - and this time, crypto developers are under attack

• KONNI uses AI-generated malware, shifting focus to blockchain and crypto developers
• Phishing lures delivered AI-generated PowerShell backdoor, enabling access to sensitive developer environments
• CPR urges AI-driven defenses, stronger phishing prevention, and stricter cloud access controls

Security researchers have found more malware being developed with the help of Gen AI, as the use of AI tools in cybercrime moves from theory into practice, and that defenders should also start integrating AI into their tech stack.

Security outfit Check Point Research (CPR) has detailed KONNI, a known North Korean state-sponsored threat actor that has been around for more than a decade.

According to CPR, KONNI is known for targeting South Korean politicians, diplomats, academics, and other similar targets. However, after more than a decade of chasing after political and diplomatic targets, KONNI shifted its attention towards software developers - specifically, blockchain and crypto developers.