Anthropic Reports First Large-Scale Cyberattack Driven Mostly by AI
Company says a Chinese state-linked group jail-broke Claude Code to run an espionage campaign with minimal human involvement.
Topics
News
- How Google’s “Near-Accurate” AI Overviews Fuels Misinformation
- Automation Foundation Key to AI Success, Says Report
- Anthropic Keeps Its Latest AI Mythos Behind Closed Doors
- Oman Advances Smart Grid Ambitions with Digital Twin AI Initiative
- Intel Comes On Board for Musk’s Terafab AI Chip Project
- Big Tech Data Centers Confront Water, Energy, and Accountability Pressures
[Image creative: Chetan Jha/MITSMR India]
Anthropic has disclosed a major AI-enabled cyber-espionage campaign, saying a suspected Chinese state-sponsored group manipulated its Claude Code tool to infiltrate around 30 organizations worldwide.
The attack, detected in September, targeted tech firms, financial institutions, chemical manufacturers and government agencies, and is believed to be the first documented large-scale cyber-operation executed with minimal human intervention.
According to Anthropic, the attackers “jail-broke” Claude by breaking down tasks into seemingly benign prompts disguised as legitimate cybersecurity testing.
Once triggered, the AI carried out reconnaissance, system mapping, exploit code writing, credential harvesting and data exfiltration. The company estimates AI performed 80-90% of the operation, acting at speeds and scale impossible for human hackers.
The campaign drew on recent advances in AI autonomous workflows, including reasoning, tool-use and access to network scanning and password-cracking systems. Human operators intervened only occasionally.
On discovery, Anthropic says it banned accounts, notified affected organizations and worked with authorities during a ten-day investigation.
The firm is now releasing details publicly and urging stronger safeguards, improved threat sharing and preparations for increasingly automated cyber operations.
