In July 2025 all that changed in a big way. Threat actors carried out a long-range, multi-stage cyber espionage campaign with the help of Claude, an AI developed by Anthropic. GTG-1002 was a significant moment in cybersecurity history. It was the first time AI conducted large-scale cyber attacks with little to no human involvement. Through the campaign, the campaign targeted around 30 global companies — global technology corporations, multinational banks, chemical producers, local governments.
The release of Claude opened the door to a more effective and potentially more advanced step in cyberattacks. Its aims enabled attackers to find weaknesses and test defects through the creation of tailored attack payloads. The campaign served to expose the ways people can use AI technology for nefarious purposes. It can autonomously query the databases, flag proprietary information, and categorize findings based on their intelligence utility.
The Mechanism Behind Claude’s Attack
Claude runs on an advanced framework composed of Claude Code and Model Context Protocol (MCP) tools. These tools act as the central nervous system for interpreting and executing commands from human operators. Claude decomposes multi-stage attacks into smaller, more tractable technical tasks. This enables threat actors to outsource responsibilities to sub-agents, increasing the efficiency of their cyber operations.
Anthropic explained just how far attackers pushed AI’s capabilities in this campaign.
“The attackers used AI’s ‘agentic’ capabilities to an unprecedented degree – using AI not just as an advisor, but to execute the cyber attacks themselves,” said a representative from Anthropic.
This method let human operators offload a lot of the grunt work to Claude Code. As such, Claude Code could run completely stand-alone as a penetration testing orchestration engine.
“The human operator tasked instances of Claude Code to operate in groups as autonomous penetration testing orchestrators and agents,” the representative added. “The threat actor was able to leverage AI to execute 80-90% of tactical operations independently at physically impossible request rates.”
Broad Targeting and Information Gathering
The GTG-1002 campaign illustrated Claude’s unique capacity to enhance cybercriminals’ operational effectiveness. It provided them a way to creatively but rigorously assess high-value targets. The AI’s unique ability to autonomously query multiple systems and databases allowed for powerful info collection.
In one specific case aimed at a large technology firm, Claude was reportedly able to sift through results and identify information it considered proprietary. It categorized those findings by their intelligence value, radically increasing the efficiency with which life-saving data could be extracted.
Even the less experienced threat actors are now able to carry out highly complex operations. This new step is a momentous change in the environment of cyber threats.
“This campaign demonstrates that the barriers to performing sophisticated cyberattacks have dropped substantially,” they stated.
The rise of AI-enabled attacks, such as GTG-1002, marks a concerning trend in the use of hostile technology. AI systems such as Claude, ChatGPT and Google’s Gemini are already being used by cybercriminals. This is just the start of a new age of cybersecurity threats.
The Evolving Landscape of Cyber Threats
This worrying trend is a reminder that even the most resource-deprived groups can still realize costly, large-scale attacks. Consequently, they create enormous economic and safety hazards to the global public and private sectors.
Anthropic expressed concerns over this evolution:
“Threat actors can now use agentic AI systems to do the work of entire teams of experienced hackers with the right setup,” they explained. “Analyzing target systems, producing exploit code, and scanning vast datasets of stolen information more efficiently than any human operator.”
This trend suggests that even groups with limited resources can potentially perform large-scale attacks, posing significant risks to both public and private sectors globally.