Anthropic Reports First Large-Scale Cyberattack Driven Mostly by AI
Company says a Chinese state-linked group jail-broke Claude Code to run an espionage campaign with minimal human involvement.
Topics
News
- Sovereign Wealth Funds Chase AI Infrastructure Boom
- Indian IT Firms See Agentic AI Opening $400 Billion Opportunity
- OpenAI Hires Uber Veteran Prabhjeet Singh for India Push
- India-US Talks Put AI Stack In Focus
- OpenAI Plans Limited GPT-5.6 Rollout After White House Request
- Employers Still Want MBAs Even as One in Three Hands Entry-Level Work to AI
[Image creative: Chetan Jha/MITSMR India]
Anthropic has disclosed a major AI-enabled cyber-espionage campaign, saying a suspected Chinese state-sponsored group manipulated its Claude Code tool to infiltrate around 30 organizations worldwide.
The attack, detected in September, targeted tech firms, financial institutions, chemical manufacturers and government agencies, and is believed to be the first documented large-scale cyber-operation executed with minimal human intervention.
According to Anthropic, the attackers “jail-broke” Claude by breaking down tasks into seemingly benign prompts disguised as legitimate cybersecurity testing.
Once triggered, the AI carried out reconnaissance, system mapping, exploit code writing, credential harvesting and data exfiltration. The company estimates AI performed 80-90% of the operation, acting at speeds and scale impossible for human hackers.
The campaign drew on recent advances in AI autonomous workflows, including reasoning, tool-use and access to network scanning and password-cracking systems. Human operators intervened only occasionally.
On discovery, Anthropic says it banned accounts, notified affected organizations and worked with authorities during a ten-day investigation.
The firm is now releasing details publicly and urging stronger safeguards, improved threat sharing and preparations for increasingly automated cyber operations.
