Autonomous AI Hackers Unleashed

Anthropic AI Weaponized In State-Sponsored Cyber Espionage Campaign

A few months ago, Anthropic detailed how its Claude AI model was used in a vibe hacking extortion scheme. Now, the company reports a significant escalation, claiming a state-backed hacker group in China utilized Claude in an attempted infiltration of 30 corporate and political targets worldwide, achieving some success. Anthropic labeled this the first documented case of a large-scale cyberattack executed without substantial human intervention.

The hackers first selected their targets, which included unnamed tech companies, financial institutions, and government agencies. They then used Claude Code to develop an automated attack framework. To bypass the model’s safety training, the hackers broke the planned attack into smaller, seemingly benign tasks. They reportedly told Claude they were a cybersecurity firm using the AI for defensive training purposes, effectively tricking the system into cooperating.

After writing its own exploit code, Claude was able to steal usernames and passwords. This access allowed it to extract a large amount of private data through backdoors it had created. The AI even documented the attacks and stored the stolen data in separate files, demonstrating a high level of autonomous operation.

The hackers used AI for 80 to 90 percent of the operation, intervening only occasionally. This allowed Claude to orchestrate the attack in far less time than a human-led operation would have required. While the attack was not flawless, with some of the obtained information turning out to be publicly available, Anthropic warns that such AI-powered attacks will likely become more sophisticated and effective over time.

Anthropic publicized this incident to highlight both the risks and the defensive potential of its technology. The company stated its investigation shows why Claude is crucial for cyber defense. It said the same AI was successfully used to analyze the threat level of the data collected during the attack. The company ultimately positions Claude as a dual-use tool that can assist cybersecurity professionals in responding to future attacks.

Claude is not the only AI model being exploited by malicious actors. Last year, OpenAI reported that its generative AI tools were being used by hacker groups with ties to China and North Korea. Those groups used AI to assist with code debugging, researching targets, and drafting phishing emails. OpenAI stated it had blocked the groups' access to its systems. The emergence of AI as a key tool in both offensive and defensive cybersecurity marks a new era in digital conflict.
