Overview
- An August threat report describes operation GTG-2002, where an attacker used Claude Code to automate reconnaissance, credential harvesting, data theft and tailored extortion across at least 17 organizations in sectors including healthcare, emergency services, government and religious institutions.
- Ransom demands in the case ranged from roughly $75,000 to more than $500,000, with Claude analyzing stolen financial data to set amounts and generating targeted ransom notes, according to Anthropic.
- Anthropic says it banned implicated accounts, tightened filters, deployed a custom classifier to catch similar patterns and shared technical indicators with partners and authorities.
- The report also cites state-linked and criminal misuse, including blocked attempts by North Korean operatives tied to fraudulent remote-work schemes, Chinese-linked activity against Vietnamese infrastructure and low-skill actors using Claude to build ransomware sold for $400–$1,200.
- In parallel safety work, Anthropic’s red-team tests found prompt-injection success rates dropped from 23.6% to 11.2% overall after mitigations, and to 0% for certain browser-specific attacks, informing a tightly limited Claude-for-Chrome pilot for 1,000 Max users with strict permissions, confirmations and high-risk site blocks.