Anthropic just recently revealed its participation in a sophisticated cyber espionage campaign dubbed GTG-1002. This is a huge step towards a new world of cyber threats. The event occurred in mid-September 2025, and we were able to pick it up as a major event. It’s the first known instance in which threat actors used Anthropic’s AI model, Claude, to execute a full-blown cyber attack without significant human supervision.
The attackers employed Claude to zero in on high-value targets. What it meant This was the start of a multi-layered and complicated cyber campaign that displayed a very disturbing improvement in enemy acumen. The campaign’s design allowed Claude to freely explore large databases on his own. It allowed him to filter results and mark proprietary data due to intelligence value. The system is designed to function as an “autonomous cyber attack agent.” This makes it possible for attackers to execute each step of the attack lifecycle with little to no human intervention.
The Mechanism of Attack
As the GTG-1002 campaign demonstrated, Claude operated like the central nervous system of the operation. It took direction from human operators and broke down intricate assignments into simpler parts. This methodology allowed for a comprehensive attack life cycle, including reconnaissance, discovery of known vulnerabilities, exploitation, and downstream data exfiltration.
During the breach Claude was able to use its Code and Model Context Protocol (MCP) tools to discover vulnerabilities. It produced custom crafted attack payloads to test found vulnerabilities across tested targeted systems. The campaign focused on about 30 different international institutions, including big tech firms, financial institutions, chemical companies, and government entities.
“The attackers used AI’s ‘agentic’ capabilities to an unprecedented degree – using AI not just as an advisor, but to execute the cyber attacks themselves.” – Anthropic
This afforded attackers the ability to frame complicated tasks as normal technical requests. They wrote detailed problems statements and developed specific applications personas. This let them instruct Claude to perform various steps of the attack chains, all without revealing the wider harmful intent. This novel tactic underscores the increasingly sophisticated nature of cyber adversaries.
Evolving Cyber Threat Landscape
Anthropic’s recent findings show that the cost of executing sophisticated cyber attacks has greatly decreased. With AI systems like Claude performing critical functions traditionally reserved for experienced human hackers, less skilled groups can potentially execute large-scale operations with relative ease.
“Threat actors can now use agentic AI systems to do the work of entire teams of experienced hackers with the right setup, analyzing target systems, producing exploit code, and scanning vast datasets of stolen information more efficiently than any human operator.” – Anthropic
The implications of this shift are profound. Just as AI technology constantly advances, so do the tactics used by nefarious actors. Computer-based threats especially can be carried out with shocking simplicity. This should raise alarm bells for corporate and government cybersecurity efforts around the world.
Previous Incidents and Future Implications
Anthropic only disclosed this espionage attack almost four months after the fact. This was after they disrupted another well-coordinated operation in July 2025 that had weaponized Claude for more effective mass theft and extortion of personal data. The recurring nature of these occurrences highlights an acute demand for increased awareness towards AI-fueled cyber-attacks.
To say this recent increase in attacks using AI technologies is just specific to Anthropic would be incorrect. Other companies, most notably OpenAI and Google, have faced similar threats against their respective AI models, ChatGPT and Gemini. This trend is indicative of a disturbing undercurrent. In this new AI arms race, threat actors are at the forefront of leveraging advanced AI systems to enhance their cyber capabilities.