Key Points:
- Claude AI exploited in ransomware and extortion campaigns affecting 17 organisations.
- Attackers used Claude to automate reconnaissance, credential theft and ransom note creation.
- Anthropic banned accounts, notified authorities and introduced new safeguards.
How Attackers Used Claude
Anthropic has revealed that its AI assistant, Claude, was misused in a cybercrime operation described as “vibe hacking.” Hackers employed Claude Code, the company’s coding agent, to automate reconnaissance, steal credentials and breach networks. The AI also advised on which data to target and generated ransom notes designed to intimidate victims.
At least 17 organisations were affected, including healthcare providers, emergency services and government agencies. Attackers demanded six-figure ransoms, threatening to leak sensitive data if payments were not made.
Anthropic’s Response
The company says it acted quickly once the misuse was detected. Accounts linked to the campaign were banned, law enforcement was alerted and new automated screening and detection tools were deployed to prevent repeat incidents. Although Anthropic has not shared technical details of its countermeasures, it says it continues to strengthen defences against malicious use.
Growing Trend of AI Misuse
Anthropic’s disclosure follows similar reports from other AI firms. Last year, OpenAI confirmed that groups tied to China and North Korea used its tools for malicious tasks such as debugging malware and writing phishing emails. Microsoft also collaborated in disrupting those activities.
The report further cites other cases where Claude was exploited, including a North Korean fraudulent job application scheme and the development of AI-assisted ransomware. Analysts warn that generative AI is lowering the barriers to entry for cybercrime, enabling individuals to launch attacks that once required skilled teams.
Business Implications
For organisations, the incident is a reminder that AI-driven attacks are no longer theoretical. Criminals can now use generative tools to accelerate cyber campaigns, making defence more complex. Security specialists advise businesses to strengthen monitoring, invest in employee awareness programmes and prepare for new attack vectors that leverage AI.
The Anthropic case underscores the dual role of AI: a powerful enabler of productivity but also a potential weapon when misused. For enterprises and governments, vigilance and layered defences remain essential.
