AI as tradecraft: How threat actors operationalize AI

Microsoft Threat Intelligence has observed threat actors operationalizing artificial intelligence along the cyberattack lifecycle. Actors abuse intended model capabilities and jailbreaking techniques to Threat actors treat AI as a force multiplier that reduces technical friction and accelerates execution. Human operators retain control over objectives, targeting and deployment decisions. This pattern appears especially in operations focused on revenue generation, where efficiency supports greater scale and persistence. Observations from North Korean remote IT worker activity tracked as Jasper Sleet and Coral Sleet illustrate the trend. AI enables sustained large scale misuse of legitimate access through identity fabrication, social engineering and long term operational persistence at low cost. Actors prompt models to generate name lists, email address formats and summaries of job postings to develop fraudulent digital personas. Threat actors also experiment with jailbreak techniques such as role based prompts to elicit restricted outputs. Examples include instructing models to respond as a trusted cybersecurity analyst or to assist a cybersecurity student with reverse proxies. Early experimentation with agentic AI for iterative decision making and task execution has been observed, though limited Microsoft Threat Intelligence has identified and disrupted thousands of accounts associated with fraudulent IT worker activity. The company partners with industry and platform providers to mitigate misuse while advancing responsible AI practices.