Hackers Tried Turning Claude into a Cybercrime Teacher: Anthropic Issues Report

Do you know that approximately 1,000 cyberattacks happen every minute worldwide? Also, are you aware that 8 out of 10 phishing emails today are generated by AI (according to an article by The Hindu)? Over the past two decades of technological advances, at least 6.5 million people have been affected. With the vast technology of today, anyone can be a victim. Anthropic (the company behind Claude AI) has issued a warning that hackers are using the tool as a teacher to hack, steal data, and scam people. Were they successful? If so, how much money did they make? What is Anthropic doing to fight against malicious acts like these? Learn more.

When Did the Warning Come Out?

Anthropic posted a video report in which Jacob Klein (Head of A.I. Safeguards, Threat Intel) and Alex Moix (Threat Investigations Lead) discussed the matter in detail. Anthropic wrote on LinkedIn, “AI is being weaponized for autonomous cyberattacks, criminal infrastructure is becoming AI-native, and barriers to sophisticated cybercrime are dropping. We’re sharing these findings to strengthen collective defenses across the industry while continuously improving our safeguards.”

What Did the Hackers Try to Do With Claude?

While the hackers were going about their business calmly in the background, Anthropic caught them and published a report immediately.

They were using Claude for:

• To write convincing emails (scam) to trick their targets. 
• To fix code and make malicious hacking software. 
• To create social media posts that are again convincing or influence the public. 
• To act like a teacher to guide a step-by-step process through hacking. 

Notably, one hacker in particular did:

• Tricked Claude Code into pointing out companies that looked weak and vulnerable (so that they can easily hack into).
• Later, they guided the tool to write malware that can steal data.
• After successfully stealing the data, they asked Claude to review the files and identify the most valuable information (such as financial records).
• After that, they used Claude to analyze the financial records of those companies to determine how much these companies could pay if hacked.
• And finally, asked the tool to write notes outright, demanding money in Bitcoin. They went too far, threatening to leak the stolen data if the companies decide not to pay.

Who Were Targeted?

According to Anthropic, about 17 companies in total were targeted (names not revealed), like:

• Healthcare providers (hospitals/medical companies).
• Defense contractors (who work with highly sensitive military stuff).
• Financial services (banks and fintechs).

They stole:

• Social Security numbers.
• Bank details.
• Medical records.
• Classified defense data (restricted under strict U.S. arms regulations).

How Much Was the Ransom?

It is not certain at the moment whether the companies paid any money to those hackers, but they demanded anywhere from $75,000 (at the low end) to $500,000 or more.

How Anthropic Is Fighting Against These Hackers?

• The built-in safety systems helped Anthropic detect what was going on. Soon, Anthropic handled the issue before any further damage was done.
• Banned all the suspicious hacker accounts.
• Strengthened the filtering process to prevent such attacks from happening again.
• Published the case study to warn the users.

They stressed:

• That one particular hacker was an individual outside the U.S., active for 3 months.
• Even though Claude has multiple layers of defense, hackers still find new ways to trick around.
• Anthropic promised to keep testing, take outside reviews, and timely release threat reports. 

 Final Thoughts…

Several other tech giants (OpenAI, Google, and SoftBank-backed startups) are facing similar issues, calling for strict regulation around the subject matter.