A few months ago, Anthropic published a description of how its cloud AI models were weaponized in a “vibe hacking” extortion scheme. The company has continued to monitor how agentic AI is being used to coordinate cyberattacks, and now a state-backed group of hackers in China has used the cloud in an attempt to infiltrate 30 corporate and political targets around the world, with some success.
Anthropic described it as “the first documented case of a large-scale cyberattack that was carried out without substantial human intervention”, adding that the hackers first chose their targets, which included unnamed technology companies, financial institutions, and government agencies. After successfully bypassing the training of models to avoid harmful behavior, they used cloud code to develop an automated attack framework. This was achieved by breaking the planned attack into smaller tasks that did not clearly reveal their broader malicious intent, and by disclosing to the cloud that it was a cybersecurity firm that was using AI for defensive training purposes.
After writing its own exploit code, Anthropic said Cloud was then able to steal usernames and passwords which allowed it to extract “large amounts of private data” through a backdoor it created. The allegedly compliant AI also went to the trouble of documenting the attacks and storing the stolen data in separate files.
The hackers used AI for 80–90 percent of their operations, intervening only occasionally, and the cloud was able to execute an attack in a much shorter time than humans. It was not flawless, with some of the information obtained becoming publicly available, but Anthropic said such attacks would become more sophisticated and effective over time.
You might be wondering why an AI company would want to publicize the dangerous potential of its technology, but Anthropic says its investigation also serves as evidence of why the assistant is “important” for cyber defense. It said the cloud was successfully used to analyze the threat level of the data collected, and was ultimately seen as a tool that could assist cybersecurity professionals if future attacks occur.
The cloud is by no means the only AI that has benefited cybercriminals. Last year, it was said that its generative AI tools were being used by hacker groups linked to China and North Korea. They reportedly used GAI to assist in debugging code, researching potential targets, and drafting phishing emails. OpenAI said at the time that it had blocked the groups’ access to its systems.