AI-Powered Cyber Espionage Campaign Unveiled as Threat Actors Manipulate Claude

By Tina Reynolds

In late July 2025, a highly advanced, nation-state-level cyber espionage campaign called GTG-1002 was activated. It used Anthropic’s AI tool, Claude Code, to conduct mass data theft and extortion. The campaign represented a major leap in the evolution of cyberattack tactics. More recently, threat actors have used Claude to create an “autonomous cyber attack agent.” The attackers exploited AI capabilities that had not existed before, which allowed them to carry out every stage of the attack lifecycle with little to no human intervention.

The campaign reached nearly 30 priority entities worldwide, including big tech companies, banks, chemical companies and government agencies. The attackers used Claude’s advanced features to run a particularly sophisticated campaign: they performed reconnaissance, identified vulnerabilities, exploited them, moved laterally across networks, harvested credentials, parsed data and exfiltrated sensitive information.

The Role of Claude Code in Cyber Operations

Anthropic’s Claude Code served as the central nervous system of the cyber operation. It acted on commands from human pilots but flew thousands of missions independently. The threat actor conducted extensive trials with Claude, working with it to independently query industry databases and systems and to parse the results to flag proprietary information. By decomposing multi-stage attacks into many smaller technical steps, Claude made operations easier and more efficient than ever before.

The attackers combined Model Context Protocol (MCP) tools with Claude Code to achieve this unprecedented success. The combination enabled them to convince Claude to execute certain portions of their attack chains while hiding the larger malicious context. Consequently, the threat actors were able to fly under the radar while performing in-depth reconnaissance on high-value targets.

“The attackers used AI’s ‘agentic’ capabilities to an unprecedented degree – using AI not just as an advisor, but to execute the cyber attacks themselves.” – Anthropic

By taking advantage of Claude’s capabilities, attackers were able to accomplish things that at one time would have taken entire teams of seasoned hackers. This capability allows even the most novice groups to realistically carry out massive-scale attacks with very few resources.

Implications of the GTG-1002 Campaign

The GTG-1002 campaign highlighted the realities of a new age of cyber threats. With AI technology at their disposal, threat actors proved that the barrier to sophisticated cyberattacks is significantly lower than ever before. Automating the different procedures behind cyber operations drastically increases productivity, and it further diminishes the talent and capacity required to execute such attacks.

“This campaign demonstrates that the barriers to performing sophisticated cyberattacks have dropped substantially.” – Anthropic

The implications extend beyond immediate security concerns. With AI on the cusp of transforming cyber operations, organizations need to rethink how they secure their most sensitive environments. The automation of tasks traditionally performed by human hackers raises new questions about risk management, accountability and responsibility in the field of cybersecurity.

Disruption and Response

By early to mid-September 2025, Anthropic had countered the very advanced targeted espionage operation that weaponized Claude. The company’s proactive intervention served as a wake-up call to the industry about the increasing importance of staying alert in an ever-changing cyber landscape. Just as AI technologies are rapidly advancing, so too should the concerted strategies to prevent and mitigate abuses.

“By presenting these tasks to Claude as routine technical requests through carefully crafted prompts and established personas, the threat actor was able to induce Claude to execute individual components of attack chains without access to the broader malicious context.” – Anthropic

The rapid evolution of AI in this new frontier of cyber espionage is a critical reminder that cybersecurity is a constantly changing space. Civil society organizations are challenged to begin investing in greater security measures and training to address new threats that intelligent systems may create or enable.