Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
US AI giant Anthropic says it has detected threat actors weaponising its AI to launch cyber attacks.
In its latest Threat Intelligence Report, the AI giant said that it discovered a number of examples where its chatbot Claude was being misused to launch cyber crime campaigns and attacks.
“We find that threat actors have adapted their operations to exploit AI’s most advanced capabilities,” wrote Anthropic.
The three examples that Anthropic discusses are “a large-scale extortion operation using Claude Code, a fraudulent employment scheme from North Korea, and the sale of AI-generated ransomware by a cybercriminal with only basic coding skills.”
While Anthropic says it has been able to disrupt the threat actors in the cases it's referred to in its report, the company has said that AI tools like Claude Code and vibe coding programs has lowered the barrier for entry for cyber criminals.
Anthropic says in the vibe hacking case, the AI was used to write code to potentially access at least 17 organisations, some of which were government agencies.
“Rather than encrypt the stolen information with traditional ransomware, the actor threatened to expose the data publicly in order to attempt to extort victims into paying ransoms that sometimes exceeded $500,000,” Anthropic wrote.
The company said that AI was used for cyber crime to an “unprecedented degree,” with it being used for credential harvesting, network penetration and reconnaissance.
The AI was also used as part of a North Korean espionage campaign in which North Korean nationals secured jobs at western organisations using AI.
North Korean worker scams came into the limelight last year when identity security company KnowBe4 came clean on the fact that even it fell victim to the scam, accidentally hiring a North Korean national before discovering it was all a set-up.
"KnowBe4 publicly released information about how a North Korean 'fake employee' was accidentally hired and detected," KnowBe4 told Cyber Daily.
"The fake employee was detected very quickly and their restricted (or limited) onboarding access was shut down within 25 minutes of the first security alert. No illegal access was gained, and no data was lost, compromised, or exfiltrated on any KnowBe4 systems.”
Yet, it was one hell of a wake-up call for other businesses in the line of fire.
Since then, much more light has been shed on the operations of these fake IT workers and their role in supporting the Democratic People’s Republic of Korea (DPRK).
AI was identified as the core of the operation, where prior to the technology the nationals would have needed to undergo specialised training to take on the jobs. Now Anthropic has said Claude was at least one of the AI used.
“We discovered that North Korean operatives had been using Claude to fraudulently secure and maintain remote employment positions at US Fortune 500 technology companies. This involved using our models to create elaborate false identities with convincing professional backgrounds, complete technical and coding assessments during the application process, and deliver actual technical work once hired,” wrote Anthropic.
“These employment schemes were designed to generate profit for the North Korean regime, in defiance of international sanctions.”
Be the first to hear the latest developments in the cyber industry.
