Anthropic said Chinese hackers used Claude to attack targets and AI did almost all the work

AI News


Anthropic, an AI safety and research company, revealed that in September 2025, a sophisticated cyberattack campaign exploited its Claude AI system and targeted approximately 30 organizations around the world. The company’s investigation found that cybercriminals were leveraging Claude AI systems to perform large-scale intrusions, with the AI ​​reportedly doing almost all the work. Anthropic believes the attackers are from a Chinese state-sponsored group.

Anthropic describes the incident as the first documented instance in which an AI system autonomously carried out most stages of an advanced cyber operation. The company said the attackers manipulated Claude’s agent capabilities, specifically the Claude Code tool, to compromise technology companies, financial institutions, chemical manufacturers, and several government agencies. The news was first reported by the Wall Street Journal. Although only a handful of intrusions were ultimately successful, Anthropic said the campaign shows that AI systems can be leveraged to carry out complex cyber operations with minimal human involvement. “We believe this is the first recorded instance of a large-scale cyberattack carried out without substantial human intervention,” the company said in a statement.

How cybercriminals bypassed safety features

Anthropic revealed in its report that the hacker fooled Claude by breaking down the malicious task into smaller, seemingly harmless requests and assembling them as part of a defensive cybersecurity exercise. They were able to bypass AI safeguards and force the AI ​​to generate code, probe networks, and analyze systems under the guise of legitimate security assessments. According to Anthropic, this approach allowed the attackers to bypass built-in protections that would normally block harmful output.

Once the cybercriminals were integrated into the target network, the hackers were able to manipulate the Claude AI at speeds that no human hacking team could match. We scanned systems, mapped internal infrastructure, identified sensitive databases, and compiled a detailed overview for operators. The company noted that the model’s ability to quickly process vast amounts of data and provide highly organized reports played a central role in the campaign’s effectiveness.

Hackers used Claude AI for most of their work

In an analysis shared by Anthropic, Claude reportedly went far beyond basic reconnaissance. This system researched vulnerabilities, created exploit code tailored to specific systems, and attempted to gain access to high-value user accounts. In some instances, AI independently collected credentials, extracted personal data, and categorized it based on perceived strategic value. Once the task was completed, Claude created a document outlining the activity, including a list of stolen credentials, user activity logs, and an assessment of the compromised systems.

The company estimates that Claude handles 80-90% of the campaign’s workload, with human operators only stepping in to make important decisions or when the AI ​​needs direction. “The AI ​​made thousands of requests per second, an attack rate that would be impossible for a human hacker to match,” Anthropic noted. The company warned that the pace of this automation far exceeds what is achievable through traditional cybercrime operations.

Antoripic warns about smarter agent AI

Antropic issued a strong warning about the far-reaching implications of the incident. As companies pour billions of dollars into making AI smarter, cloud AI developers are calling on governments and the tech industry to prepare for rapidly evolving threats, pointing out how quickly nation-state-linked groups are learning to exploit cutting-edge AI systems.

As autonomous AI agents become more powerful and more widely accessible, Anthropic warns that the barrier to launching sophisticated cyberattacks could drop dramatically. The company said the incident should be treated as an early sign of a new era in cybersecurity, where attackers may increasingly rely on AI to expand their operations, evade defenses, and accelerate breaches at unprecedented speed.

– end

Publisher:

Divya Bhati

Publication date:

November 14, 2025



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *