I could really benefit from experts' analysis of this WSJ article reporting that China-backed hackers used Anthropic’s Claude to automate 80% to 90% of a September hacking campaign targeting corporations and governments.
There aren't a lot of specifics, but among those provided:
> The effort focused on dozens of targets and involved a level of automation that Anthropic’s cybersecurity investigators had not previously seen.
> In this instance 80% to 90% of the attack was automated, with humans only intervening in a handful of decision points.
> The hackers conducted their attacks “literally with the click of a button, and then with minimal human interaction."
> Anthropic disrupted the campaign and blocked the hackers’ accounts, but not before as many as four intrusions were successful.
> In one case, the hackers
> directed Claude tools to query internal databases and extract data independently.
> “The human was only involved in a few critical chokepoints, saying,
> doesn’t look right, Claude, are you sure?’”
> ‘Yes, continue,
> ’ ‘Don’t continue,
> ’ ‘Thank you for this information,
> ’ ‘Oh, that
> Stitching together hacking tasks into nearly autonomous attacks is a new step in a growing trend of automation that is giving hackers
> additional scale and speed.
We've seen so many exaggerated accounts of AI-assisted hacks. Is this another one? Are there reasons to take this report more seriously? Any other thoughts?
https://www.wsj.com/tech/ai/china-hackers-ai-cyberattacks-anthropic-41d7ce76
Dan Goodin
npub1z3…8qvzu
2025-11-13 18:02:34 UTC
Author Public Key
npub1z3lwfekw80j4ngzg6ky3ks202xr6uwnd4jttxzsd4euc9l55euvq48qvzuSeen on
wss://relay.momostr.pinkPublished at
2025-11-13 18:02:34 UTCEvent JSON
{
"id": "239f60c85f0425ae0c7d02c13c0f7274e28021c16ad05ded78fdd2d32edd6052",
"pubkey": "147ee4e6ce3be559a048d5891b414f5187ae3a6dac96b30a0dae7982fe94cf18",
"created_at": 1763056954,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/@dangoodin/115543700577374727",
"web"
],
[
"proxy",
"https://infosec.exchange/users/dangoodin/statuses/115543700577374727",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/dangoodin/statuses/115543700577374727",
"pink.momostr"
],
[
"-"
]
],
"content": "I could really benefit from experts' analysis of this WSJ article reporting that China-backed hackers used Anthropic’s Claude to automate 80% to 90% of a September hacking campaign targeting corporations and governments.\n\nThere aren't a lot of specifics, but among those provided:\n\n\u003e The effort focused on dozens of targets and involved a level of automation that Anthropic’s cybersecurity investigators had not previously seen.\n\n\u003e In this instance 80% to 90% of the attack was automated, with humans only intervening in a handful of decision points.\n\n\u003e The hackers conducted their attacks “literally with the click of a button, and then with minimal human interaction.\"\n\n\u003e Anthropic disrupted the campaign and blocked the hackers’ accounts, but not before as many as four intrusions were successful.\n\n\u003e In one case, the hackers\n\u003e directed Claude tools to query internal databases and extract data independently.\n\n\u003e “The human was only involved in a few critical chokepoints, saying,\n\u003e doesn’t look right, Claude, are you sure?’”\n\u003e ‘Yes, continue,\n\u003e ’ ‘Don’t continue,\n\u003e ’ ‘Thank you for this information,\n\u003e ’ ‘Oh, that\n\n\u003e Stitching together hacking tasks into nearly autonomous attacks is a new step in a growing trend of automation that is giving hackers\n\u003e additional scale and speed.\n\nWe've seen so many exaggerated accounts of AI-assisted hacks. Is this another one? Are there reasons to take this report more seriously? Any other thoughts?\n\nhttps://www.wsj.com/tech/ai/china-hackers-ai-cyberattacks-anthropic-41d7ce76",
"sig": "84944611a2fc64b87b2a6bcf1dbcf46f547349abdc60054487b44f44136ea758837e69344f06c1b746ff85d60f2fd16b3cc913c143cc9b8f18ac0452077db5ce"
}