Chinese State Hackers Use Anthropic's Claude AI to Automate Large-Scale Cyberattacks

Hackers use Anthropic's AI model Claude once again

Anthropic announced on Thursday that Chinese state-backed hackers used the company's AI model Claude to automate roughly 30 attacks on corporations and governments during a September campaign, according to reporting from the Wall Street Journal. Anthropic said that up to 80% to 90% of the attack was automated with AI, a level higher than previous hacks. It occurred "literally with the click of a button, and then with minimal human interaction," Anthropic's head of threat intelligence Jacob Klein told the Journal. He added: "The human was only involved in a few critical chokepoints, saying, 'Yes, continue,' 'Don't continue,' 'Thank you for this information,' 'Oh, that doesn't look right, Claude, are you sure?'" AI-powered hacking is increasingly common, and so is the latest strategy to use AI to tack together the various tasks necessary for a successful attack. Google spotted Russian hackers using large-language models to generate commands for their malware, according to a company report released on November 5th. For years, the US government has warned that China was using AI to steal data of American citizens and companies, which China has denied. Anthropic told the Journal that it is confident the hackers were sponsored by the Chinese government. In this campaign, the hackers stole sensitive data from four victims, but as with previous hacks, Anthropic did not disclose the names of the targets, successful or unsuccessful. The company did say that the US government was not a successful target.

Chinese hackers used Anthropic's AI agent to automate spying

Why it matters: This is the first documented case of a foreign government using AI to fully automate a cyber operation, Anthropic warned. * Anthropic said the campaign relied on Claude's agentic capabilities, or the model's ability to take autonomous action across multiple steps with minimal human direction. The big picture: The dam is breaking on state hackers using AI to speed up and scale digital attacks. * Earlier this month, Google said Russian military hackers used an AI model to help generate malware for targeting Ukrainian entities. But that required human operators to prompt the model step by step. * In this new case, Claude Code carried out 80-90% of the operation on its own, Anthropic said. Zoom in: In a blog post Thursday, Anthropic said it spotted suspected Chinese state-sponsored hackers jailbreaking Claude Code to help breach dozens of tech companies, financial institutions, chemical manufacturers, and government agencies. * The company first detected the activity in mid-September and investigated over the following 10 days. * It banned the malicious accounts, alerted targeted organizations, and shared findings with authorities during that time period. How it worked: The attackers tricked Claude into thinking it was performing defensive cybersecurity tasks for a legitimate company. They also broke down malicious requests into smaller, less suspicious tasks to avoid triggering its guardrails. * Once jailbroken, Claude inspected target systems, scanned for high-value databases, and wrote custom exploit code. * Claude also harvested usernames and passwords to access sensitive data, then summarized its work in detailed post-operation reports, including credentials it used, the backdoors it created and which systems were breached. * "The highest-privilege accounts were identified, backdoors were created, and data were exfiltrated with minimal human supervision," Anthropic said in its blog post. Threat level: As many as four of the suspected Chinese attacks successfully breached organizations, Jacob Klein, Anthropic's head of threat intelligence, told the Wall Street Journal. * "The AI made thousands of requests per second -- an attack speed that would have been, for human hackers, simply impossible to match," the company said in its blog post. Yes, but: Claude wasn't perfect. It hallucinated some login credentials and claimed it stole a secret document that was already public. What to watch: This is likely just the beginning, cybersecurity experts have warned. * Anthropic said it's strengthening its detection tools and warned that similar techniques could be used by less sophisticated threat actors going forward.

Anthropic says Chinese hackers used its Claude AI chatbot in cyberattacks

Mary Cunningham is a reporter for CBS MoneyWatch. Before joining the business and finance vertical, she worked at "60 Minutes," CBSNews.com and CBS News 24/7 as part of the CBS News Associate Program. Anthropic said Thursday that Chinese hackers used its artificial intelligence technology in what the company believes is the first cyberespionage operation largely carried out using AI. Anthropic said the cybercriminals used its popular chatbot, Claude, to target roughly 30 technology companies, financial institutions, chemical manufacturers and government agencies. The hackers used the AI platform to gather usernames and passwords from the companies' databases that they then exploited to steal private data, Anthropic said, while noting that only a "small number" of these attacks succeeded. "We believe this is the first documented case of a large-scale cyberattack executed without substantial human intervention," Anthropic said in a statement. The San Francisco-based company did not immediately respond to a request for comment. The news was first reported by the Wall Street Journal. Anthropic said it began detecting suspicious activity in mid-September. A subsequent investigation by the company revealed that the activity stemmed from an espionage campaign that Anthropic said was likely carried out by a state-sponsored group based in China. According to the investigation, hackers allegedly duped Claude into thinking it was an employee of a legitimate cybersecurity firm and that it was being used for defensive testing. Anthropic also said the cybercriminals sought to hide their tracks by breaking down the attack into small tasks. Unlike conventional cyberattacks, the operation required minimal human intervention, according to the company. "The AI made thousands of requests per second, an attack speed that would have been, for human hackers, simply impossible to match," Anthropic said. Anthropic said it expects AI cyberattacks to grow in scale and sophistication as so-called agents become more widely used for a range of services. AI agents are cheaper than professional hackers and can operate quickly at a larger scale, making them particularly attractive to cybercriminals, MIT Technology Review has pointed out.

China uses Anthropic AI to automate hacking of major targets - WSJ By Investing.com

Investing.com -- Chinese state-sponsored hackers used Anthropic's artificial intelligence technology to automate break-ins of major corporations and foreign governments during a September hacking campaign, the company announced Thursday, according to a report from the Wall Street Journal. According to Jacob Klein, Anthropic's head of threat intelligence, the campaign targeted dozens of entities and demonstrated a level of automation previously unseen by the company's cybersecurity team. While hackers have long employed AI for specific tasks like crafting phishing emails or scanning for vulnerabilities, this attack was 80% to 90% automated, with human intervention limited to a few key decision points. "The human was only involved in a few critical chokepoints, saying, 'Yes, continue,' 'Don't continue,' 'Thank you for this information,' 'Oh, that doesn't look right, Claude, are you sure?'" Klein explained. The hackers executed their attacks "literally with the click of a button, and then with minimal human interaction," Klein said. In one instance, the attackers directed Anthropic's Claude AI tools to independently query internal databases and extract data. Although Anthropic eventually disrupted the campaigns and blocked the hackers' accounts, as many as four intrusions were successful, resulting in the theft of sensitive information in some cases. The company detected approximately 30 targets but did not disclose which specific corporations and governments were targeted. This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.