Cybersecurity is undergoing significant changes due to the rapid emergence of advanced artificial intelligence (AI) tools, which are altering the threat landscape. Over the past year, there’s been a noticeable increase in attacks that use AI models to write code, scan networks, and automate complex processes. This has allowed defenders to bolster their efforts but has also given attackers the ability to act more swiftly.
A recent incident involved a large-scale cyber espionage campaign attributed to a Chinese state-linked group. They reportedly used Anthropic’s Claude to execute most of their attacks with minimal human intervention.
How Chinese hackers utilized Claude for automated attacks
In mid-September 2025, investigators started noticing unusual activities that led to the uncovering of a well-coordinated campaign. This threat actor, believed with high confidence to be a Chinese state-sponsored group, employed Claude’s capabilities to target around 30 global organizations, including major tech companies, financial institutions, and government agencies. A few of these attempts were ultimately successful.
Exploitative use of AI chatbots in rising cybercrime
This wasn’t a typical hack. The attackers crafted a framework that allowed Claude to operate autonomously. Instead of merely seeking assistance from the model, they directed it to carry out the primary actions of the attack. Claude analyzed the systems and mapped out the crucial internal structures and databases, operating at a speed that human teams couldn’t replicate.
To navigate around Claude’s safety measures, the attackers broke the tasks into small, innocuous steps. They conveyed that Claude was part of a legitimate cybersecurity team conducting defensive tests. However, they had designed the operation to mislead the model into thinking it was engaged in authorized penetration testing. By compartmentalizing the attack, employing numerous “jailbreaking” techniques, they managed to bypass Claude’s safeguards. Once inside, Claude researched vulnerabilities, created personalized exploits, and gathered credentials to expand its access. This was done with minimal oversight, with reports generated only when crucial decisions needed human validation.
Researchers estimate that Claude carried out roughly 80 to 90 percent of the work during the operation, with human input being minimal. At its peak, the AI issued thousands of requests rapidly, a feat beyond the capacity of human teams. However, it did make mistakes—like hallucinating credentials or misidentifying public data as sensitive—indicating the challenges of fully autonomous cyberattacks, despite the majority being managed by AI.
Implications of AI-driven attacks for cybersecurity
This incident signifies a crucial shift in the dynamics of high-level cyberattacks. Groups that previously lacked resources can now attempt similar operations, relying on autonomous AI to handle extensive tasks. Activities that once demanded years of expertise can now be automated through models capable of understanding context and executing code without direct oversight.
Historically, misuse of AI involved human oversight at every turn, but in this case, once the attackers set things into motion, their involvement was minimal. Researchers believe that similar activities might be occurring with other advanced models, including Google Gemini or OpenAI’s ChatGPT.
This situation raises some tough questions. If these systems are so easily exploitable, should we continue developing them? Experts argue that the features making AI potentially dangerous also enhance its defensive capabilities. During this incident, Anthropic’s team effectively used Claude to sift through a vast amount of logs and data uncovered during the investigation. As threats escalate, this level of support becomes increasingly urgent.
Despite reaching out, no comments were received from Anthropic before the deadline.
Protective measures against cyberattacks
While you may not be the target of state-sponsored campaigns, several techniques from these high-level operations have trickled down to everyday fraud, credential theft, and account takeovers. Taking proactive steps can enhance your security:
1) Employ robust antivirus software
Strong antivirus solutions do much more than just scan for known malware; they identify suspicious activities and unusual behaviors. Given the speed at which AI-driven attacks can develop, traditional detection methods are becoming obsolete.
2) Use a password manager
A quality password manager creates complex, unique passwords for each service, reducing the risk associated with reusing passwords across multiple accounts—a simple breach can lead to significant consequences.
3) Think about a personal data deletion service
Many cyberattacks start with publicly available information. A personal data deletion service can help remove your information from data broker sites, complicating attackers’ efforts to profile you.
4) Enable two-factor authentication
Just having strong passwords isn’t enough. Two-factor authentication adds a critical layer of security. It’s advisable to use app-based codes rather than SMS for added protection.
5) Keep devices updated
Neglecting system updates can expose known vulnerabilities that attackers exploit. Automatic updates on your devices are a good practice.
6) Download apps from trusted sources
Only use official app stores and avoid downloading from suspicious links. Always check the reviews and permissions required by the app.
7) Be cautious of suspicious messages
Today’s phishing attempts are increasingly sophisticated. It’s essential to verify any unexpected or urgent requests and avoid clicking on links from unknown sources.
Key Takeaways
The attacks that utilized Claude represent a significant evolution in cyber threats. Autonomous AI agents can perform complex tasks more efficiently than human teams, and this gap is likely to widen as technology advances. Thus, integrating AI into security frameworks is not just advisable; it’s becoming essential for effective defense. The time to prepare is now, as adversaries are already leveraging AI on a wide scale.
