Chinese and Iranian hackers are using US AI products to bolster cyberattacks

In the past year, dozens of hacking groups in more than 20 countries turned to Google’s Gemini chatbot to assist with malicious code writing, hunts for publicly known cyber vulnerabilities and research into organizations to target for attack, among other tasks. (Image: Pixabay)

Summary

A cyber-threat report from Google is shedding light on how foreign actors are leveraging generative AI to boost their hacking prowess.

Google’s new research sheds light on how foreign actors are using generative AI to boost their hacking efforts.

Hackers linked to China, Iran and other foreign governments are using new AI technology to bolster their cyberattacks against U.S. and global targets, according to U.S. officials and new security research.

In the past year, dozens of hacking groups in more than 20 countries turned to Google’s Gemini chatbot to assist with malicious code writing, hunts for publicly known cyber vulnerabilities and research into organizations to target for attack, among other tasks, Google’s cyber-threat experts said.

While Western officials and security experts have warned for years about the potential malicious uses of AI, the findings released Wednesday from Google are some of the first to shed light on how exactly foreign adversaries are leveraging generative AI to boost their hacking prowess. This week, the China-built AI platform DeepSeek upended international assumptions about how far along Beijing might be in the AI arms race, creating global uncertainty about a technology that could revolutionize work, diplomacy and warfare.

Groups with known ties to China, Iran, Russia and North Korea all used Gemini to support hacking activity, the Google report said. They appeared to treat the platform more as a research assistant than a strategic asset, relying on it for tasks intended to boost productivity rather than to develop fearsome new hacking techniques. All four countries have generally denied U.S. hacking allegations.

Researchers found that a range of hacking groups were using Gemini, but that Chinese and Iranian groups had relied on it the most.

“AI is not yet a panacea for threat actors and may actually be a far more important tool for defenders,” said Sandra Joyce, vice president of threat intelligence at Google. “The real impact here is they are gaining some efficiency. They can operate faster and scale up.”

Current and former U.S. officials said they think foreign hacking units are turning to other chatbots as well. Last year, OpenAI also revealed some information about five foreign hacking groups using ChatGPT and said it had disabled the accounts associated with them. That research likewise found that cyberattackers weren’t using ChatGPT for generating significant or novel cyberattacks. A Google spokeswoman said the company terminated accounts linked to malicious activity outlined in its report but declined to disclose how many accounts in total were disrupted.

The company found that a range of sophisticated hacking groups—also known as advanced persistent threats—were using Gemini, but that Chinese and Iranian groups had relied on the tool the most.

More than 20 China-linked groups and at least 10 Iran-linked groups were seen using Gemini, Google said, making them easily the most active countries seeking to use the chatbot. Iranian groups, which exhibited the heaviest overall use, pursued an array of goals on Gemini, including research into defense organizations to target with hacking attempts and generation of content in English, Hebrew and Farsi to be used in phishing campaigns.

China was the next most frequent user of Gemini, the report said, with hacking groups linked to Beijing also conducting reconnaissance on targets in addition to attempting to learn more about specific hacking tactics, including how to exfiltrate data, evade detection and escalate privileges once inside a network.

In North Korea, hackers used Gemini to draft cover letters for research jobs, likely in support of the regime’s efforts to have its spies hired for remote technology jobs to earn what U.S. officials have said is hundreds of millions in revenue to support its nuclear weapons program. Russia, meanwhile, used the platform relatively sparingly and for mostly mundane coding-related tasks.

Laura Galante, director of the U.S. Cyber Threat Intelligence Integration Center during the Biden administration, said the new details published by Google were generally consistent with the findings of U.S. intelligence agencies on how adversaries are seeking to weaponize generative AI.

“They’re using Gemini to get a leg up in crafting their victim lists and probably improving the effectiveness of the human-directed parts of their operations,” Galante said. She added that large-language models didn’t appear to be “a game changer in terms of the scale of compromises or enabling new tactics or novel operations—but these are still the relatively early days.”

Despite modest uses of generative AI so far, both the U.S. and China see AI technologies as pivotal to future supremacy. The possibility that China’s DeepSeek is rivaling top-tier AI models for a fraction of the cost sent shock waves through Silicon Valley and Washington this week. Unlike Google, DeepSeek’s creators have released their product’s source code, making its misuse harder to track and virtually impossible to prohibit.

DeepSeek’s low cost could have significant national-security implications, too. For years, senior U.S. intelligence officials have warned that China and other adversaries are racing to develop and deploy AI systems to support—and in some cases supplant—their existing military and intelligence objectives.

In a blog post Wednesday, Kent Walker, Google’s chief legal officer, said continued export controls on U.S. chips were needed and urged the U.S. government—including the military and spy agencies—to update the procurement process to make it easier to adopt AI services.

“America holds the lead in the AI race—but our advantage may not last,” Walker said.

Write to Dustin Volz at dustin.volz@wsj.com and Robert McMillan at robert.mcmillan@wsj.com
