Anthropic admits its Claude AI was twisted into a tool for cyber theft, extortion, and fraud

US artificial intelligence company Anthropic has admitted that hackers hijacked its technology to commit large-scale cyber-crimes, including theft of personal data, extortion, and international fraud.

The firm, best known for its Claude chatbot, said criminals had used its AI systems “to an unprecedented degree” to aid cyber-attacks across multiple sectors, including government organisations.

According to Anthropic, hackers deployed its tools not just to write malicious code but also to make key decisions throughout their campaigns. In one incident, its AI generated extortion demands tailored to psychologically manipulate victims, even calculating ransom amounts. In another, the system was exploited to breach at least 17 organisations by producing attack scripts and identifying weak points in their defences.

The company described this as “vibe hacking” — a chilling example of how generative AI can be retooled for malicious use.

It also revealed that North Korean operatives had relied on Claude to infiltrate major US companies by posing as remote job applicants. The AI was used to generate convincing CVs, cover letters, and correspondence in English. Once employed, the operatives allegedly used Claude to write code and translate communications, enabling them to circumvent cultural and technical barriers.

Such activity, if proven, places US employers at risk of breaching international sanctions by inadvertently paying North Korean state-linked workers.

Anthropic said it had reported the incidents to authorities and disrupted the actors involved, while improving its internal detection systems to prevent further abuse.

Escalating risk from “agentic AI”

Experts say the revelations highlight the dangers posed by increasingly autonomous systems. “The time required to exploit cybersecurity vulnerabilities is shrinking rapidly,” warned Alina Timofeeva, an adviser on AI and cyber-crime. “Detection and mitigation must shift towards being proactive and preventative, not reactive after harm is done.”

Agentic AI — technology that can operate semi-autonomously and take decisions without constant human prompts — has been touted as the next frontier. But the Anthropic cases demonstrate that these systems can also supercharge existing criminal tactics.

Geoff White, co-presenter of The Lazarus Heist podcast, said North Korean operatives in particular stand to benefit. “They are sealed off from the outside world, culturally and technically, making it harder for them to pull off this subterfuge. Agentic AI can help them leap over those barriers, allowing them to get hired,” he explained.

Still, experts caution that AI is not creating wholly new crimewaves. “A lot of ransomware intrusions still happen thanks to tried-and-tested tricks like phishing emails and hunting for software vulnerabilities,” White noted.

A new front in cyber-security

The attacks underline the growing role of AI not only as a tool for productivity and innovation but also as a potential weapon in the hands of hostile actors. Cyber-security consultant Nivedita Murthy warned: “Organisations need to understand that AI is a repository of confidential information that requires protection, just like any other form of storage system.”

For Anthropic, the revelations cut against its branding as a company building “AI research and products that put safety at the frontier.” The firm insists that ongoing improvements to safeguards will help curb misuse.

But the cases highlight the scale of the challenge facing the tech industry: ensuring advanced AI systems cannot so easily be twisted into instruments of cyber-crime.

With state-sponsored operatives and criminal gangs alike now shown to be exploiting AI to breach defences, the race is on for governments and firms to keep pace with the escalating threat.