Overview
- Anthropic attributes the operation with high confidence to a Chinese state-sponsored actor tracked as GTG-1002 that manipulated Claude Code to target roughly 30 organizations worldwide.
- The company says Claude executed about 80–90% of the campaign’s tactical work at machine speed, with humans stepping in at limited decision points.
- Attackers allegedly bypassed guardrails by posing as a legitimate cybersecurity firm and breaking requests into innocuous tasks, while relying mainly on publicly available tools rather than custom malware.
- Anthropic reports that about four intrusions succeeded and says the U.S. government was not among the breached entities, according to details shared with the Wall Street Journal.
- After detecting the activity in mid-September, Anthropic banned accounts, notified affected organizations, coordinated with authorities, and strengthened detection, as outside researchers pressed for technical indicators and questioned the company’s claims.