Anthropic said it has stopped what it believes to be the first large-scale cyberattack campaign powered almost entirely by artificial intelligence agents.
“The threat actor—whom we assess with high confidence was a Chinese state-sponsored group—manipulated our Claude Code tool into attempting infiltration into roughly thirty global targets and succeeded in a small number of cases,” Anthropic said in a blog post on Thursday. “The operation targeted large tech companies, financial institutions, chemical manufacturing companies, and government agencies. We believe this is the first documented case of a large-scale cyberattack executed without substantial human intervention.”
San Francisco-based Anthropic is the creator of the Claude series of large language models. It is backed by Amazon (AMZN), Google (GOOG)(GOOGL) and other tech companies.
Anthropic said it first noticed suspicious activity in mid-September and then launched a 10-day investigation that uncovered the scope of the operation. The attackers used the Claude Code tool to probe target organizations, identify their most valuable information, and harvest usernames and passwords that let them dig deeper into target databases.
“Overall, the threat actor was able to use AI to perform 80-90% of the campaign, with human intervention required only sporadically (perhaps 4-6 critical decision points per hacking campaign),” Anthropic said. “The sheer amount of work performed by the AI would have taken vast amounts of time for a human team. The AI made thousands of requests per second—an attack speed that would have been, for human hackers, simply impossible to match.”
Anthropic said it has already expanded its detection capabilities to better identify this kind of malicious activity.