Anthropic Reports First AI-Driven Cyber Espionage Campaign

Anthropic has revealed details of what it describes as the first documented large-scale cyber espionage campaign executed primarily by artificial intelligence, according to a company report. The company said the incident, detected in mid-September 2025, involved a Chinese state-sponsored group that manipulated its Claude Code tool to infiltrate about 30 global targets, including technology firms, financial institutions, chemical manufacturers, and government agencies.

The attackers reportedly used AI not only to advise but to autonomously perform the majority of the cyber operations. The group tricked Claude into believing it was conducting legitimate cybersecurity tests by breaking the attack into smaller, seemingly harmless tasks. Once activated, the AI performed reconnaissance, wrote and executed exploit code, harvested credentials, and exfiltrated data — completing roughly 80–90% of the campaign with minimal human direction.

Anthropic said it responded by banning compromised accounts, notifying affected organizations, and coordinating with authorities. The company has since expanded its detection systems and improved classifiers to identify malicious AI activity. It described the case as a turning point for cybersecurity, showing how autonomous AI agents can be used both to defend and to conduct large-scale cyberattacks.

The company stated that it will continue sharing findings from such incidents to help industry and government partners strengthen their defenses against future AI-enabled threats.