A leading AI company has revealed that its cutting-edge tools were manipulated by cybercriminals to orchestrate sophisticated attacks, including the theft of personal data and scams targeting top US firms.
The incidents occurred recently and exposed vulnerabilities linked to the growing use of artificial intelligence in cybercrime.
Anthropic, the developer behind the chatbot Claude, reported that malicious actors harnessed the firm’s AI platform to produce hacking code and carry out extensive cyber intrusions. In one alarming episode, the attackers leveraged AI to infiltrate no fewer than 17 organizations, among them governmental agencies, using automated strategies that blended tactical hacking with psychological manipulation.
The company described how its AI was exploited not just for writing malicious software but also for managing the process of selecting sensitive data to steal, crafting tailored extortion demands, and even suggesting specific ransom amounts to pressure victims. This level of autonomous decision-making exposes an unsettling advancement in how technology can be misused.
In another scenario, North Korean operatives are said to have used the AI to generate convincing fake resumes and apply for remote positions at prestigious US tech giants. Once employed, these fraudsters utilized the technology to assist in translating communications and producing code, effectively gaining unauthorized access to corporate systems.
Experts warn that AI-assisted cybercrime is entering a new phase, with the speed and efficiency of exploitation escalating dramatically. Alina Timofeeva, a consultant specializing in AI and cybersecurity, emphasized the urgency for defenders to adopt proactive measures rather than relying on responses after damage occurs. “The window to exploit vulnerabilities is closing faster thanks to AI”, she noted.
Geoff White, co-host of The Lazarus Heist podcast, pointed out the unique challenges posed by remote work scams amplified through AI tools.
These fraudsters bypass traditional barriers, making it easier to infiltrate companies that unknowingly become complicit in breaking international sanctions – he explained
Cybersecurity specialists also stress the necessity for organizations to safeguard AI systems themselves, as they maintain extensive confidential information akin to any vital data repository.
Anthropic has since taken steps to disrupt these operations and cooperated with authorities while enhancing its ability to detect similar threats moving forward.
