Russian-Linked GREYVIBE Hackers Use AI Tools in Cyberattacks on Ukraine

Thumbnail Image

The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.

The GREYVIBE hacking group, linked to Russian interests, has used generative AI tools like ChatGPT and Google Gemini to enhance cyberattacks against Ukrainian military, government, and civilian targets since August 2025. AI systems aided in phishing, malware development, and infrastructure, resulting in data theft and security breaches.[AI generated]

Why's our monitor labelling this an incident or hazard?

The article explicitly mentions the use of generative AI systems (ChatGPT and Google Gemini) by hackers to conduct cyberattacks, which have caused harm to targeted groups. The involvement of AI in the malicious use of cyber capabilities leading to realized harm aligns with the definition of an AI Incident. The harm includes violations of security and potential harm to persons and communities, fulfilling the criteria for an AI Incident rather than a hazard or complementary information.[AI generated]
AI principles
Privacy & data governanceRobustness & digital security

Industries
Government, security, and defenceDigital security

Affected stakeholders
GovernmentGeneral public

Harm types
Human or fundamental rightsPublic interest

Severity
AI incident

Business function:
ICT management and information security

AI system task:
Content generation


Articles about this incident or hazard