Anthropic Report: Criminals Are Weaponizing AI to Automate Cyberattacks at Scale

Anthropic’s Threat Intelligence team has released a report detailing how malicious actors are misusing advanced AI systems like Claude to automate cyberattacks, build fraudulent personas, and scale criminal operations in ways that were previously impossible.

The report warns that “agentic AI systems are being weaponized: AI models are themselves being used to perform sophisticated cyberattacks – not just advising on how to carry them out.” Criminal groups are no longer treating AI as a tool for guidance, but as an active operator that executes attacks, analyzes stolen data, and even drafts extortion demands.

Anthropic highlights three trends reshaping the threat landscape:

• AI lowers the barriers to sophisticated cybercrime.
• Cybercriminals are embedding AI throughout their operations.
• AI is being used for all stages of fraud operations.

One of the most striking investigations exposed GTG-2002, a cybercriminal operation that used Claude Code to automate reconnaissance, credential harvesting, lateral movement, and exfiltration.

According to the report, “a cybercriminal used Claude Code to conduct a scaled data extortion operation across multiple international targets in a short timeframe, potentially affecting at least 17 distinct organizations.” Victims included government, healthcare, and emergency service providers.

Instead of deploying ransomware, the actor weaponized stolen data: “Rather than encrypting systems using traditional ransomware, this actor leveraged the sensitive data Claude Code exfiltrated on their behalf, threatening its public exposure to extort victims.” Customized ransom notes demanded up to $500,000 in Bitcoin.

The report also uncovered how North Korean IT workers are misusing Claude to secure fraudulent employment at Western tech firms.

Anthropic’s analysts found that “operators appear unable to perform basic technical tasks or professional communication without AI assistance, using this capability to infiltrate high-paying engineering roles that are intended to fund North Korea’s weapons programs.”

By relying on AI to pass coding tests, write professional emails, and even coach interviews, these workers simulate technical competence, fundamentally transforming the scale of North Korea’s sanctions-evasion operations.

Another investigation exposed a UK-based actor (GTG-5004) who used Claude to develop and sell AI-generated ransomware packages on dark web forums like Dread and CryptBB.

“Our investigation revealed not merely another ransomware variant, but a transformation enabled by artificial intelligence that removes traditional technical barriers to novel malware development.” The actor, despite lacking deep expertise in cryptography or Windows internals, marketed packages priced between $400 and $1,200 USD, featuring ChaCha20 encryption, anti-EDR evasion, and shadow copy deletion.

Anthropic identified a Chinese threat actor who integrated Claude across nearly all MITRE ATT&CK tactics during a nine-month campaign against Vietnamese infrastructure.

The actor used Claude for reconnaissance, credential harvesting, fuzzing tools, and lateral movement strategies. Analysts concluded: “The actor integrated Claude as an assistant across 12 of 14 MITRE ATT&CK tactics, using it as technical advisor, code developer, security analyst, and operational consultant.”

Finally, the report documented how fraud actors are using Claude to analyze stealer logs, run carding stores, and generate romance scam chatbots. One bot advertised Claude as a “high EQ model” for crafting emotionally intelligent scam messages.

This integration shows how AI is now part of a complete fraud supply chain, from data analysis to victim manipulation and monetization.

Anthropic concludes that AI-enabled operations represent a paradigm shift:

• A single operator can now achieve the impact of an entire cybercriminal team.
• Traditional assumptions about skill level no longer apply when AI provides instant expertise.
• Defenses must account for AI-adaptive attacks that evolve in real time.

As the report emphasizes, “These operations suggest a need for new frameworks for evaluating cyber threats that account for AI enablement.”

Related Posts:

• A New AI Frontier: Claude’s Chrome Extension Opens the Door to New Dangers
• Claude AI Integrates with Google Workspace
• Smarter Claude AI: Free Users Get Web Search, Voice Mode Coming Soon
• The AI Cold War: Anthropic Revokes OpenAI’s Claude API Access Over Terms of Service Dispute
• Anthropic Launches Claude Max Subscription with Higher Usage Tiers