Anthropic Reports First Large-Scale Cyberattack Driven Mostly by AI
Company says a Chinese state-linked group jail-broke Claude Code to run an espionage campaign with minimal human involvement.
Topics
News
- DeepSeek Previews V4 Model for Agentic AI Tasks
- Reliance Meta AI Venture Names Parminder Singh CEO
- Meta Layoffs, Microsoft Buyouts Signal AI Reset
- Employers Turn to Certifications as AI Skills Gaps Bite
- Nasscom Names Fractal's Velamakanni as Chairperson
- OpenAI Releases GPT 5.5 for Coding, Enterprise Work
[Image creative: Chetan Jha/MITSMR India]
Anthropic has disclosed a major AI-enabled cyber-espionage campaign, saying a suspected Chinese state-sponsored group manipulated its Claude Code tool to infiltrate around 30 organizations worldwide.
The attack, detected in September, targeted tech firms, financial institutions, chemical manufacturers and government agencies, and is believed to be the first documented large-scale cyber-operation executed with minimal human intervention.
According to Anthropic, the attackers “jail-broke” Claude by breaking down tasks into seemingly benign prompts disguised as legitimate cybersecurity testing.
Once triggered, the AI carried out reconnaissance, system mapping, exploit code writing, credential harvesting and data exfiltration. The company estimates AI performed 80-90% of the operation, acting at speeds and scale impossible for human hackers.
The campaign drew on recent advances in AI autonomous workflows, including reasoning, tool-use and access to network scanning and password-cracking systems. Human operators intervened only occasionally.
On discovery, Anthropic says it banned accounts, notified affected organizations and worked with authorities during a ten-day investigation.
The firm is now releasing details publicly and urging stronger safeguards, improved threat sharing and preparations for increasingly automated cyber operations.
