Overview
- Anthropic reports the operation targeted roughly 30 entities worldwide across technology, finance, chemicals, and government, and says the U.S. government was not among the institutions breached.
- The firm attributes the campaign with high confidence to a Chinese state-sponsored group it tracks as GTG-1002.
- Attackers allegedly bypassed safeguards by posing as legitimate security testers and splitting workflows into benign-seeming subtasks, leveraging MCP-integrated tools and standard utilities.
- Anthropic says AI handled about 80–90% of reconnaissance, exploitation, credential harvesting, and exfiltration, while humans approved only key escalation steps.
- Following a roughly ten-day investigation, Anthropic banned implicated accounts, notified affected organizations, and coordinated with authorities, as some researchers and China’s Foreign Ministry questioned the claims and sought public IOCs.