Iran uses ChatGPT, Gemini to supercharge cyber operations, FT reports

Iran’s military and cyber units are using ChatGPT and Gemini to generate malicious code, create fake personas and write phishing messages in fluent Hebrew and Arabic, according to the Financial Times ↘2.87%.iranintl
The hacking group APT42 reportedly used Gemini to research jamming U.S. F-35 jets and deployed deepfake voice clones to trick targets into clicking malicious links.youtube
The UAE says it faces up to 700,000 daily cyberattack attempts, with the bulk attributed to Iran-linked state actors using AI tools across more than 40 proxy groups.thecyberexpress

Iran Uses ChatGPT and Gemini to Boost Cyber Warfare Capabilities

Iran’s military and cyber apparatus are increasingly leveraging Western artificial intelligence tools, including OpenAI’s ChatGPT and Google’s Gemini, to develop malware, craft phishing messages, and conduct intelligence-gathering operations targeting the United States and Israel, according to a Financial Times investigation published on May 30.iranintl

AI-Powered Hacking Operations

The report, citing cybersecurity researchers and Iranian officials, found that Iranian-linked actors have used commercial AI systems to improve phishing campaigns in fluent Hebrew and Arabic, generate malicious code, create convincing online personas, and identify vulnerabilities in target networks. Researchers told the Financial Times that AI has lowered the barriers to conducting cyber operations, enabling Iranian hackers to produce more sophisticated content and operate at greater speed and scale.facebook

Activity has been linked to APT42, an Iranian state-associated hacking group also known as Charming Kitten, which reportedly used Google’s Gemini model to research topics including techniques for jamming American F-35 fighter aircraft. The group has also employed AI to build months-long relationships with targets — impersonating journalists and academics — before deploying malicious links, and has used deepfake voice cloning to bypass verification processes.youtube

Regional Fallout: UAE Under Siege

The scale of AI-enhanced attacks extends beyond Israel and the United States. The United Arab Emirates faces between 500,000 and 700,000 cyberattack attempts daily, according to Dr. Mohammed Al Kuwaiti, Chairman of the UAE Cyber Security Council. Al Kuwaiti attributed the bulk of the activity to Iran-linked state-sponsored actors working through more than 40 proxy organizations, with ChatGPT named as one of the tools observed in attack chains.jpost

These operations target critical infrastructure, financial services, and regional data centers, employing AI for reconnaissance, vulnerability detection, phishing email generation, malware development, and deepfake content creation.youtube

Broader Military Applications

Beyond cyber operations, the Financial Times reported that Iranian authorities have promoted wider military applications of AI, including research into drone technology, electronic warfare, and battlefield decision-making systems. The findings come amid an intensifying cyber conflict between Iran and its adversaries, with cybersecurity firm Palo Alto Networks’ Unit 42 recently documenting Iranian hackers posing as job recruiters to target software engineers in the aviation and energy sectors using AI-written fake job postings.keyt