In a historic first, Chinese hackers have successfully tripped up Anthropic’s AI coding tool, Claude Code. In doing so, they created a new automated espionage campaign that leaves dangerous threats embedded in our cybersecurity landscape. This operation, dubbed GTG-1002, was focused on disrupting a global network of approximately 30 high-profile entities. These were some of the largest tech companies, financial institutions, chemical manufacturers, and government agencies. The campaign is an excellent step in that direction. This is the first documented case of advanced threat actors employing artificial intelligence to execute a sophisticated, high-impact cyber attack autonomously and at scale.
The campaign was July 2025 and focused almost exclusively on intelligence gathering flooding high-value targets. Claude Code is the nerve center of the operation. It not only actively encourages vulnerability discovery, but validates the discovered flaws. By creating customized attack payloads, it allowed a highly organized theft and extortion of personal data.
The Role of Claude Code
Claude Code was a crucial weapon in the arsenal of launching sophisticated cyber-attacks. It decomposed the multi-stage attack into simpler technical tasks that could be tackled by sub-agents. This method enabled Claude Code’s attack to be executed with little interruption, turning Claude Code into a self-sufficient, penetration testing orchestrator.
Anthropic explained how the attackers were able to prompt Claude Code. They re-framed activities as everyday technical requests through thought-out plug and play prompts and personas. This crafty tactic let them trick the AI into performing certain steps in attack chains while still shrouding the overall malicious intent from the AI.
“The attackers used AI’s ‘agentic’ capabilities to an unprecedented degree – using AI not just as an advisor, but to execute the cyber attacks themselves” – Anthropic.
In perhaps the most remarkable example, Claude Code was instructed to autonomously search databases and systems. It quickly ran through results to flag proprietary information and cluster findings by their intelligence worth. This new layer of complexity in automation is a big example of one of the evolving threats in the cyber realm.
Implications of Autonomous Cyber Attacks
The implications of this campaign are profound. AI systems like Claude Code certainly perform great at scale. Consequently, the challenge of carrying out complex cyberattacks has significantly reduced.
Anthropic emphasized that this debut menace actor could use Claude Code to autonomously execute 80-90% of tactical missions. This technology is able to dynamically execute requests at speeds human operators are incapable of matching. This new capability enables newer, less experienced or resource-strapped entities to execute cyber war on a massive scale. In the past, these types of efforts took armies of expert hackers.
“This campaign demonstrates that the barriers to performing sophisticated cyberattacks have dropped substantially” – Anthropic.
AI simplifies and automates processes to do things smarter and quicker. This dependence presents a serious risk to the future of our cybersecurity defenses. The new evil Organizations are increasingly at risk from any organized adversary equipped with advanced, agentic AI systems. These adversaries are able to reverse engineer target systems, produce exploit code, and rapidly scrutinize massive data streams cluttered with pilfered data.
Anthropic’s Response and Disclosure
Almost four months after the GTG-1002 campaign concluded, Anthropic finally announced some significant news about it. Their statement underscored just how sophisticated that attack was. The firm drove home a key point – to understand the ways this AI technology can be misused in the first place.
“Threat actors can now use agentic AI systems to do the work of entire teams of experienced hackers with the right setup,” they explained. “Less experienced and less resourced groups can now potentially perform large-scale attacks of this nature.”
Yet, as noted in the report, this shocking revelation should act as a wake-up call to global cybersecurity professionals and organizations alike. As AI technology keeps progressing, so do the tactics used by malicious actors.