LIVE
Ethereum Reached Record Q1 On-Chain Users and Transaction Volume: ReportMorgan Stanley's Ethereum, Solana ETFs Target 0.14% FeeCME Sues CFTC Over Kalshi Perpetual FuturesKraken Launches In-App Trading for 2,500+ Solana TokensBitcoin Rodney Pleads Guilty in $1.8B HyperFund Fraud CaseCME to Sue CFTC Over Approval of Crypto Perpetual FuturesWorld Datacentre Summit Philippines 2026 Opens Sponsorship, Speaking, and Exhibition OpportunitiesARK Invest Buys $18.4 Million in Coinbase Shares Across Three ETFsWorld Datacentre Summit Malaysia 2026 Opens Sponsorship, Speaking, and Exhibition OpportunitiesKentucky Files Lawsuits Against Kalshi and PolymarketEthereum Reached Record Q1 On-Chain Users and Transaction Volume: ReportMorgan Stanley's Ethereum, Solana ETFs Target 0.14% FeeCME Sues CFTC Over Kalshi Perpetual FuturesKraken Launches In-App Trading for 2,500+ Solana TokensBitcoin Rodney Pleads Guilty in $1.8B HyperFund Fraud CaseCME to Sue CFTC Over Approval of Crypto Perpetual FuturesWorld Datacentre Summit Philippines 2026 Opens Sponsorship, Speaking, and Exhibition OpportunitiesARK Invest Buys $18.4 Million in Coinbase Shares Across Three ETFsWorld Datacentre Summit Malaysia 2026 Opens Sponsorship, Speaking, and Exhibition OpportunitiesKentucky Files Lawsuits Against Kalshi and Polymarket
Friday, June 19, 2026

BLOCKCHAIN • CRYPTOCURRENCY • NARRATIVE JOURNALISM

Subscribe
Homepage/News/Google Flags North Korea, Iran, China for AI...
NEWS

Google Flags North Korea, Iran, China for AI in Cyberattacks

BY Solomon M.·2 MIN READ·NOVEMBER 7, 2025

Threat Intelligence: AI in Cybercrime

State-sponsored threat groups from North Korea, Iran, and China have been flagged by Google’s Threat Intelligence Group for using AI tools in malicious activities, impacting digital infrastructure as announced in November 2025.

KEY FINDINGS - EVIDENCE LEVEL: MULTI-SOURCE
1Key sections mapped in this report
0Internal references connected to related coverage
2External source domains cited in the article
2 minEstimated time to read the full report
Key Points:
  • North Korea, Iran, and China are using AI in malware development and crypto theft.
  • Key players include North Korea’s UNC1069 and UNC4899, China’s APT41, and Iran’s APT42.
  • The cyber activities threaten global cryptocurrency infrastructure and user security.

These activities pose severe risks to cryptocurrency security, with Ethereum particularly affected. The market’s reaction is cautiously alert, emphasizing enhanced protective measures for digital asset holders.

Google’s Threat Intelligence Group identified North Korea, Iran, and China for utilizing AI tools in malware development and crypto theft. These activities threaten global cryptocurrency infrastructure and user security, posing increased risks to digital assets.

Main Content

Key players include North Korean groups UNC1069 and UNC4899, with China’s APT41 and Iran’s APT42. They utilize AI for developing sophisticated phishing and exploitation techniques targeting cryptocurrency exchanges and wallet providers globally.

Immediate impacts include potential crypto market volatility and loss of user trust in digital platforms. Ethereum and Bitcoin have been significantly affected by these cyber activities, with targeted credential theft and laundering schemes.

Financially, North Korean hackers reportedly stole $1.5 billion in Ethereum from ByBit. Such thefts not only affect market stability but also demonstrate the geopolitical economic strategies of these nations. User security has become a major concern.

Google Threat Intelligence Group (GTIG) stated, “State-sponsored actors from North Korea, Iran, and the People’s Republic of China (PRC) continue to misuse generative AI tools including Gemini to enhance all stages of their operations…

Continued cyberattacks could lead to regulatory shifts as governments and organizations bolster defenses. The integration of AI in cybercrime underscores a critical need for advanced security protocols in cryptocurrency handling and exchanges.

Historical data indicates ongoing state-sponsored cyber activities, suggesting an increase in cryptocurrency-targeted crimes. This highlights the necessity for regulated environments and collaboration between industry and government to enhance digital asset security and user protection.

Disclaimer:

The content on The CCPress is provided for informational purposes only and should not be considered financial or investment advice. Cryptocurrency investments carry inherent risks. Please consult a qualified financial advisor before making any investment decisions.

SOURCE TRANSPARENCY
  • External Source - Referenced domain: cdn.openai.com
  • External Source - Referenced domain: cyber.nj.gov
  • Byline - Reported by Solomon M.
  • Coverage Desk - Primary editorial category: News
  • Media Asset - Featured image served from the WordPress media library
NEWS

More from News