{"id":59680,"date":"2025-11-13T23:12:16","date_gmt":"2025-11-13T23:12:16","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/chinese-spies-told-claude-to-break-into-about-30-critical-orgs-some-attacks-succeeded\/"},"modified":"2025-11-13T23:12:16","modified_gmt":"2025-11-13T23:12:16","slug":"chinese-spies-told-claude-to-break-into-about-30-critical-orgs-some-attacks-succeeded","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/chinese-spies-told-claude-to-break-into-about-30-critical-orgs-some-attacks-succeeded\/","title":{"rendered":"Chinese spies told Claude to break into about 30 critical orgs. Some attacks succeeded"},"content":{"rendered":"

Chinese cyber spies used Anthropic’s Claude Code AI tool to attempt digital break-ins at about 30 high-profile companies and government organizations \u2013 and the government-backed snoops “succeeded in a small number of cases,” according to a Thursday report from the AI company.<\/p>\n

The mid-September operation targeted large tech companies, financial institutions, chemical manufacturers, and government agencies.<\/p>\n

\n

The threat actor was able to induce Claude to execute individual components of attack chains<\/p>\n<\/blockquote>\n

While a human selected the targets, “this marks the first documented case of agentic AI successfully obtaining access to confirmed high-value targets for intelligence collection, including major technology corporations and government agencies,” Anthropic’s threat hunters wrote<\/a> in a 13-page document [PDF].<\/p>\n

It’s also further proof<\/a> that attackers continue experimenting with AI to run their offensive operations. The incident also suggests heavily funded state-sponsored groups are getting better at autonomizing attacks.<\/p>\n

The AI vendor tracks the Chinese state-sponsored group behind the espionage campaign as GTG-1002, and says its operatives used Claude Code and Model Context Protocol (MCP) to run the attacks without a human in the tactical execution loop.<\/p>\n