Anthropic reports the first major case of hackers automating large-scale espionage with advanced AI tools
Sheridan, WY, 17 November 2025 – A new report has revealed that state-sponsored hackers used Anthropic’s artificial intelligence technology to carry out a largely automated cyberattack against multiple technology companies and government agencies in September. According to Anthropic, this marks one of the earliest known cases where an AI system performed most of the operational work with minimal human involvement.
The attackers reportedly used Anthropic’s coding assistant, Claude Code, to generate scripts and instructions that guided an AI agent to gather information on around 30 unidentified targets. Human operators were responsible for only 10 to 20 percent of the effort, with the AI completing the rest on its own.
While the report does not disclose how Anthropic uncovered the incident or how the perpetrators were identified, the company said it had strong confidence that the hackers were affiliated with a Chinese state-backed group. However, the targeted organizations were not named.
Cybersecurity experts say the attack signals a shift in the landscape of digital threats. James Corera, director of the cyber, technology, and security program at the Australian Strategic Policy Institute, noted that although the operation was not fully automated, it clearly showed how hackers can now pass major portions of their work to AI systems. He added that despite growing automation, human oversight remains essential in orchestrating attacks.
A spokesperson for China’s Foreign Ministry responded that he was unfamiliar with the report but rejected accusations made without supporting evidence, stressing that China opposes hacking activities.
Researchers have long cautioned that modern AI tools could accelerate cyberattacks by making them easier, faster, and more scalable. At the same time, they emphasize that these tools also strengthen defenses by helping organizations detect, analyze, and block threats more efficiently. Throughout cybersecurity history, every leap in technology has been used for both attack and protection.
This is not the first time advanced AI has been linked to cybercrime. Several US-based companies have previously reported that international groups used AI-powered systems to assist in surveillance and hacking operations. Recent assessments also indicate that countries, including China, Russia, Iran, and North Korea, have increased their reliance on AI to organize cyberattacks and manipulate online information.
Earlier this year, findings showed that a separate Chinese-linked operation built AI-driven software to track online posts critical of the Chinese government. In August, Anthropic reported that its tools had been misused in attacks targeting telecommunications providers and government databases in Vietnam.
As a preventive measure, Anthropic updated its terms of service in September to restrict access to its technology in regions where usage is already limited or prohibited.
The rise of AI-driven cyberattacks highlights a crucial truth: as technology grows more powerful, the responsibility to secure it becomes even more important.