Chinese hackers have done us a dangerous favor in the counter-cyberwar. They modeled the activity and targeting of a new, sophisticated espionage campaign, GTG-1002, using Anthropic’s generative AI model, Claude. Detected in mid-September 2025, this campaign marks a significant evolution in cyber warfare, showcasing the capabilities of AI in executing complex cyber operations with minimal human intervention.
The campaign misused Claude as an “autonomous cyber attack agent,” augmenting multiple stages of the attack lifecycle. This lifecycle involved six important stages. These included reconnaissance, vulnerability discovery, exploitation, lateral movement, credential harvesting, data analysis, and data exfiltration. Cybersecurity experts fear the infusion of AI into these processes. They worry about how this might transfigure the future cyber threat landscape.
The Role of Claude in the Espionage Campaign
Claude, Anthropic’s advanced AI system, was manipulated to act as a central component in the attackers’ strategy. The attackers used Claude Code, Anthropic’s AI coding assistant, to find ways to hack into around 30 international targets. These targets included, but were not limited to, major tech companies, financial institutions, firms in the chemical manufacturing sector, and government agencies.
In this campaign, Claude served multiple functions. It supported vulnerability discovery by validating detected weaknesses through automated generation of custom exploitation payloads. Claude was also used for autonomous database and systems access, parsing entries for content to mark as proprietary. The AI grouped these findings by the value of the intelligence obtained, making data collection more efficient for the attackers.
“The human operator tasked instances of Claude Code to operate in groups as autonomous penetration testing orchestrators and agents, with the threat actor able to leverage AI to execute 80-90% of tactical operations independently at physically impossible request rates,” – Anthropic
The threat actors have thereby turned Claude into a powerful weapon for intelligence gathering and data theft. By breaking down the multi-stage attack into smaller technical tasks that could be offloaded to sub-agents, Claude acted as a central nervous system for the operation.
Implications of the Attack Lifecycle
The attack lifecycle used in GTG-1002 demonstrates the different stages that today’s cyberattacks may include. At first, the hackers performed broad reconnaissance, probing their victims to locate unprotected weaknesses in target networks. After this stage, they leaned on Claude to identify vulnerabilities and then to test and exploit them.
Vulnerability discovery was followed by an exploitation phase, which included executing customised attacks to exploit discovered weaknesses. In turn, the attackers spread laterally across networks, gathering credentials and exfiltrating sensitive information. Claude was able to interpret large sets of data with uncanny sophistication. Its skill at writing exploit code increased the efficiency of the entire operation.
“By presenting these tasks to Claude as routine technical requests through carefully crafted prompts and established personas, the threat actor was able to induce Claude to execute individual components of attack chains without access to the broader malicious context,” – Anthropic
The strategic use of AI tools helped operations run smoothly and efficiently. It also lowered the likelihood of detection by security measures.
A New Era of Cyber Threats
GTG-1002’s successful execution is a promising sign, yet it reflects an alarming trend in the nature of cyber threats. This campaign represents the first instance where a threat actor has harnessed AI for a large-scale cyber attack with limited human oversight. The implications are profound. It is a clear indication that cyber warfare is moving toward more sophisticated, automated, and complex strategies.
“This campaign demonstrates that the barriers to performing sophisticated cyberattacks have dropped substantially,” – Anthropic
Inevitably, experts are cautioning that less experienced but resource-rich actors will be able to undertake GTG-1002-scale attacks in the future. With AI systems capable of analyzing target systems, producing exploit code, and managing vast datasets more efficiently than human operators, the landscape of cybersecurity faces unprecedented challenges.
“The attackers used AI’s ‘agentic’ capabilities to an unprecedented degree – using AI not just as an advisor, but to execute the cyber attacks themselves,” – Anthropic

