Overview
- About 30 organizations across technology, finance, chemical manufacturing, and government were targeted, with a small number of confirmed breaches.
- Anthropic attributes the operation to a Chinese state-backed actor it tracks as GTG-1002 and says its confidence in the assessment is high.
- Claude Code executed roughly 80–90% of tactical work, including reconnaissance, exploit generation, credential harvesting, lateral movement, and data exfiltration at very high request rates.
- Attackers evaded safeguards by posing as legitimate security testers and by breaking the malicious objective into individually innocuous subtasks, so that no single request triggered the model's guardrails.
- Anthropic says it banned the linked accounts, notified affected entities, shared evidence with authorities, and is strengthening its detection and classifiers; it also notes that model hallucinations limited some of the operation's outcomes.