Anthropic reports Chinese hackers misused its Claude Code tool for a large-scale cyberattack

Recently, Anthropic revealed in a blog post that it has detected and disrupted a major cyberattack allegedly carried out by a Chinese state-sponsored group using its Claude Code AI tool.

Here are all the details.

Anthropic allegedly disrupted a large-scale cyberattack

In mid-September 2025, Anthropic detected suspicious activity that was later determined to be a highly sophisticated espionage campaign. The attackers did not use AI as an advisor; instead, the AI was used to conduct the cyberattack itself.

The company stated, “The threat actor—whom we assess with high confidence was a Chinese state-sponsored group—manipulated our Claude Code tool into attempting infiltration into roughly thirty global targets and succeeded in a small number of cases. The operation targeted large tech companies, financial institutions, chemical manufacturing companies, and government agencies. We believe this is the first documented case of a large-scale cyberattack executed without substantial human intervention.”

The diagram below shows the different phases of the attack, including AI models’ intelligence, agency, and tools.

In Phase 1, the human operators chose the relevant targets and then developed an attack framework to autonomously compromise the chosen target, using Claude Code as an automated tool to carry out cyber operations. They got Claude to take part by jailbreaking it. In Phase 2, Claude Code inspected the target organization’s systems and infrastructure, spotted the highest-value databases, and reported back to the human operators with a summary of its findings.

The next phases involved Claude identifying security vulnerabilities, crafting exploit code, harvesting credentials, and exfiltrating data, all with limited human check-ins (perhaps 4-6 critical decision points per hacking campaign).

The company mentioned that the abilities that allow Claude to be used in these attacks also make it crucial for cyber defense. The company’s goal for Claude is to assist cybersecurity professionals in detecting, disrupting, and preparing for future versions of the attack.

The company banned accounts as they were identified, notified affected entities as appropriate, and coordinated with authorities. It then shared this case publicly to help those in industry, government, and the wider research community strengthen their own cyber defenses.
