Anthropic Reports First Large-Scale Cyberattack Driven Mostly by AI
Company says a Chinese state-linked group jail-broke Claude Code to run an espionage campaign with minimal human involvement.
Topics
News
- Altman’s AI Energy Comparison to Human Development Draws Flak
- Why Open Networks, DPIs Are Key to Scaling Social Impact
- Anthropic Expands Claude Into Code Security With AI Reasoning
- IBM Expands GovTech Push in India With Lucknow AI Center
- Tata Communications, RailTel Partner to Upgrade Network for AI Era
- Microsoft Taps Asha Sharma to Lead Gaming as Spencer Retires
[Image creative: Chetan Jha/MITSMR India]
Anthropic has disclosed a major AI-enabled cyber-espionage campaign, saying a suspected Chinese state-sponsored group manipulated its Claude Code tool to infiltrate around 30 organizations worldwide.
The attack, detected in September, targeted tech firms, financial institutions, chemical manufacturers and government agencies, and is believed to be the first documented large-scale cyber-operation executed with minimal human intervention.
According to Anthropic, the attackers “jail-broke” Claude by breaking down tasks into seemingly benign prompts disguised as legitimate cybersecurity testing.
Once triggered, the AI carried out reconnaissance, system mapping, exploit code writing, credential harvesting and data exfiltration. The company estimates AI performed 80-90% of the operation, acting at speeds and scale impossible for human hackers.
The campaign drew on recent advances in AI autonomous workflows, including reasoning, tool-use and access to network scanning and password-cracking systems. Human operators intervened only occasionally.
On discovery, Anthropic says it banned accounts, notified affected organizations and worked with authorities during a ten-day investigation.
The firm is now releasing details publicly and urging stronger safeguards, improved threat sharing and preparations for increasingly automated cyber operations.
