First up: \u201cVibe-hacking.\u201d One sophisticated cybercrime ring that Anthropic says it recently disrupted used Claude Code, Anthropic\u2019s AI coding agent, to extort data from at least 17 different organizations around the world within one month. The hacked parties included healthcare organizations, emergency services, religious institutions, and even government entities.<\/p>\n
\u201cIf you\u2019re a sophisticated actor, what would have otherwise required maybe a team of sophisticated actors, like the vibe-hacking case, to conduct \u2014 now, a single individual can conduct, with the assistance of agentic systems,\u201d Jacob Klein, head of Anthropic\u2019s threat intelligence team, told The Verge in an interview. He added that in this case, Claude was \u201cexecuting the operation end-to-end.\u201d<\/p>\n
Anthropic wrote in the report that in cases like this, AI \u201cserves as both a technical consultant and active operator, enabling attacks that would be more difficult and time-consuming for individual actors to execute manually.\u201d For example, Claude was specifically used to write \u201cpsychologically targeted extortion demands.\u201d Then the cybercriminals figured out how much the data \u2014 which included healthcare data, financial information, government credentials, and more \u2014 would be worth on the dark web and made ransom demands exceeding $500,000, per Anthropic.<\/p>\n
\u201cThis is the most sophisticated use of agents I\u2019ve seen \u2026 for cyber offense,\u201d Klein said.<\/p>\n
In another case study, Claude helped North Korean IT workers fraudulently get jobs at Fortune 500 companies in the U.S. in order to fund the country\u2019s weapons program. Typically, in such cases, North Korea tries to leverage people who have been to college, have IT experience, or have some ability to communicate in English, per Klein \u2014 but he said that in this case, the barrier is much lower for people in North Korea to pass technical interviews at big tech companies and then keep their jobs.<\/p>\n
With the assistance of Claude, Klein said, \u201cwe\u2019re seeing people who don\u2019t know how to write code, don\u2019t know how to communicate professionally, know very little about the English language or culture, who are just asking Claude to do everything \u2026 and then once they land the job, most of the work they\u2019re actually doing with Claude is maintaining the job.\u201d<\/p>\n
Another case study involved a romance scam. A Telegram bot with more than 10,000 monthly users advertised Claude as a \u201chigh EQ model\u201d for help generating emotionally intelligent messages, ostensibly for scams. It enabled non-native English speakers to write persuasive, complimentary messages in order to gain the trust of victims in the U.S., Japan, and Korea, and ask them for money. One example in the report showed a user uploading an image of a man in a tie and asking how best to compliment him.<\/p>\n
In the report, Anthropic itself acknowledges that although the company has \u201cdeveloped sophisticated safety and security measures to prevent the misuse\u201d of its AI, and though the measures are \u201cgenerally effective,\u201d bad actors still sometimes manage to find ways around them. Anthropic says that AI has lowered the barriers for sophisticated cybercrime and that bad actors use the technology to profile victims, automate their practices, create false identities, analyze stolen data, steal credit card information, and more.<\/p>\n
Each of the case studies in the report adds to the increasing amount of evidence that AI companies, try as they might, often can\u2019t keep up with the societal risks associated with the tech they\u2019re creating and putting out into the world. \u201cWhile specific to Claude, the case studies presented below likely reflect consistent patterns of behaviour across all frontier AI models,\u201d the report states.<\/p>\n
Anthropic said that for every case study, it banned the associated accounts, created new classifiers or other detection measures, and shared information with the appropriate government agencies, like intelligence agencies or law enforcement, Klein confirmed. He also said the case studies his team saw are part of a broader change in AI risk.<\/p>\n
\u201cThere\u2019s this shift occurring where AI systems are not just a chatbot because they can now take multiple steps,\u201d Klein said, adding, \u201cThey\u2019re able to actually conduct actions or activity like we\u2019re seeing here.\u201d<\/p>\n
8 Comments<\/a>Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.Hayden FieldClose Posts from this author will be added to your daily email digest and your homepage feed.<\/p>\n PlusFollow<\/p>\n See All by Hayden Field<\/a><\/p>\n AICloseAI<\/p>\n Posts from this topic will be added to your daily email digest and your homepage feed.<\/p>\n PlusFollow<\/p>\n See All AI<\/a><\/p>\n PrivacyClosePrivacy<\/p>\n Posts from this topic will be added to your daily email digest and your homepage feed.<\/p>\n PlusFollow<\/p>\n See All Privacy<\/a><\/p>\n SecurityCloseSecurity<\/p>\n Posts from this topic will be added to your daily email digest and your homepage feed.<\/p>\n PlusFollow<\/p>\n![\"Hayden](\"https:\/\/www.newsbeep.com\/au\/wp-content\/uploads\/2025\/08\/257719_staff_portraits_2025_HAYDEN_AKrales_0081.jpg\"\/)
Hayden Field<\/p>\n