A hacker used AI to automate an ‘unprecedented’ cybercrime spree, Anthropic says

A hacker has exploited a leading artificial intelligence chatbot to conduct the most comprehensive and lucrative AI cybercriminal operation known to date, using it to do everything from find targets to write ransom notes.

In a report published Tuesday, Anthropic, the company behind the popular Claude chatbot, said that an unnamed hacker “used AI to what we believe is an unprecedented degree” to research, hack and extort at least 17 companies.

Cyber extortion, where hackers steal information like sensitive user data or trade secrets, is a common criminal tactic. And AI has made some of that easier, with scammers using AI chatbots for help writing phishing emails. In recent months, hackers of all stripes have increasingly incorporated AI tools in their work.

But the case Anthropic found is the first publicly documented instance in which a hacker used a leading AI company’s chatbot to automate almost an entire cybercrime spree.

According to the blog post, one of Anthropic’s periodic reports on threats, the operation began with the hacker convincing Claude Code — Anthropic’s chatbot that specializes in “vibe coding,” or creating computer programming based on simple requests — to identify companies vulnerable to attack. Claude then created malicious software to actually steal sensitive information from the companies. Next, it organized the hacked files and analyzed them to both help determine what was sensitive and could be used to extort the victim companies.

The chatbot then analyzed the companies’ hacked financial documents to help determine a realistic amount of bitcoin to demand in exchange for the hacker’s promise not to publish that material. It also wrote suggested extortion emails.

Jacob Klein, head of threat intelligence for Anthropic, said that the campaign appeared to come from an individual hacker outside of the U.S. and happen over the span of three months.

“We have robust safeguards and multiple layers of defense for detecting this kind of misuse, but determined actors sometimes attempt to evade our systems through sophisticated techniques,” he said.