What happened: WIRED reports on findings from cybersecurity firm Expel: a North Korea–linked operation used commercial AI tools to build phishing infrastructure, write malware, and run a broad campaign targeting crypto developers—stealing up to $12 million in roughly three months, according to Expel’s estimates.

Why it matters: The scary part isn’t genius hacking; it’s competence inflation. Give a low-skill crew autocomplete for code, websites, and copywriting, and suddenly the barrier to running a large malware pipeline drops from ‘be good’ to ‘be persistent.’

Wider context: Researchers describe AI being used across the operation—fake job-offer lures, fake company sites, malware development, even prompts accidentally left exposed. The piece argues this ‘force multiplier’ is a present-tense problem, not a future Mythos-style zero-day fantasy.

Background: The story cites comments from security researchers (including Marcus Hutchins) and notes prior threat-intelligence reporting from OpenAI and Anthropic about North Korean actors using their tools; companies say they block accounts, but the value to attackers is still speed and scale.

AI Tools Are Helping Mediocre North Korean Hackers Steal Millions — WIRED

Singularity Soup Take: This is the new baseline: nation-state vibes, startup tooling, and crime-syndicate incentives. The ‘agent era’ isn’t just assistants doing your spreadsheets—it’s assistants helping someone else draft the email that steals your payroll.

Key Takeaways:

• Force Multiplier: The reported benefit is not novel capability but throughput—AI helps operators spin up lures, infrastructure, and code faster, enabling larger campaigns from less-skilled teams.
• Target Choice Matters: The campaign focused on individual developers and small projects, where enterprise-grade endpoint detection is less common—meaning generic, pattern-based malware can still work at scale.
• Operational Footprints: Expel and researchers reportedly found exposed prompts and sloppy infrastructure, suggesting AI can raise output while leaving telltale artifacts—useful for defenders, if they are actually looking.