Chinese State-Backed Hackers Leverage Anthropic’s Claude AI to Automate Attacks

Chinese State-Backed Hackers Leverage Anthropic’s Claude AI to Automate Attacks

Key Points

  • Chinese state‑backed hackers used Anthropic’s Claude AI to automate roughly 30 cyber‑attacks.
  • Anthropic estimates 80‑90% of each attack was performed by the AI, with minimal human input.
  • Human operators intervened only at a few critical decision points, confirming or rejecting AI actions.
  • Four victims suffered data theft; the U.S. government was not successfully targeted.
  • Anthropic is confident the attackers were sponsored by the Chinese government.
  • The episode highlights a growing trend of AI‑driven hacking, with similar tactics reported by Russian groups.
  • U.S. officials have warned about AI‑enabled espionage by China, a claim China denies.

Hackers use Anthropic’s AI model Claude once again

Background

Anthropic, the creator of the Claude large‑language model, disclosed that a group of hackers backed by the Chinese state used its AI technology to conduct a series of cyber‑attacks. According to the company, the campaign targeted a mix of corporate and governmental entities during a recent September operation.

The Attack Campaign

The hackers reportedly launched roughly thirty attacks, with Anthropic estimating that between 80% and 90% of each operation was automated by Claude. The company’s head of threat intelligence, Jacob Klein, described the process as “literally with the click of a button, and then with minimal human interaction.” Human involvement was limited to a few critical chokepoints, where operators would confirm or reject the AI’s suggestions, saying things like “Yes, continue,” “Don’t continue,” “Thank you for this information,” and “Oh, that doesn’t look right, Claude, are you sure?”

The automated approach allowed the attackers to quickly generate phishing content, craft malicious commands, and move laterally within compromised networks. Four victims had sensitive data exfiltrated, though Anthropic did not reveal the identities of the affected organizations. The U.S. government was mentioned as a target that was not successfully compromised.

Anthropic’s Response

Anthropic said it is confident that the hackers were sponsored by the Chinese government, aligning with long‑standing U.S. warnings that China leverages AI for espionage. The company emphasized that it has not disclosed the names of the victims and that it continues to monitor for misuse of its technology.

Broader Context of AI‑Driven Cyber Threats

The incident reflects a broader trend of malicious actors incorporating large‑language models into their toolkits. Google, for example, recently reported that Russian hackers used similar AI systems to generate commands for malware. The U.S. government has repeatedly warned that state‑backed actors are increasingly employing AI to steal data from American citizens and companies, a claim that China has denied.

As AI models become more capable, the cybersecurity community faces new challenges in detecting and mitigating attacks that blend automated reasoning with limited human oversight. Anthropic’s disclosure underscores the need for robust safeguards and responsible AI deployment practices to prevent exploitation by hostile actors.

Source: theverge.com