Criminals Are Weaponizing AI to Automate Cyberattacks at Scale
Anthropic has published a report revealing how malicious actors are increasingly exploiting AI models for attacks and fraud, bypassing existing security measures. The document provides concrete examples showing that agent-based AI systems are no longer merely assistants in cyberattacks but are, in many cases, their direct executors.
The report notes that AI has dramatically lowered the barrier to entry into cybercrime: even individuals with little or no technical expertise can now develop sophisticated malware or participate in fraudulent schemes. Moreover, AI is being deployed across every stage of malicious operations — from identifying victims and analyzing stolen data to crafting false identities and conducting extortion campaigns.
Three case studies are examined in detail. The first describes a large-scale data extortion operation dubbed “vibe hacking.” Criminals used Claude Code on Kali Linux to automate reconnaissance, credential harvesting, and network intrusions. The AI independently decided which data to steal, how to formulate ransom demands, and even how to design menacing ransom notes with intimidating visuals.
At least 17 organizations — spanning healthcare, government agencies, emergency services, and religious institutions — fell victim. Instead of encrypting files, attackers threatened to publicly expose stolen information, demanding ransoms of up to $500,000. According to Anthropic, Claude analyzed victims’ financial data to calculate a “fair” ransom amount and generated detailed monetization strategies for the stolen databases.
The second case involves North Korea. Local IT specialists used Claude to craft convincing résumés, pass technical interviews, and secure remote jobs at major U.S. companies, including Fortune 500 firms. Previously, such schemes required years of preparation and fluency in English. With AI removing these barriers, operators with limited coding ability or language skills can now maintain steady employment and generate revenue for the regime, evading international sanctions.
The third case centers on the sale of ransomware-as-a-service (RaaS). A cybercriminal with minimal expertise created and marketed multiple ransomware variants on underground forums for prices ranging from $400 to $1,200. Claude assisted in developing encryption algorithms, defense evasion mechanisms, and methods to block data recovery — tasks that once demanded deep expertise in Windows internals and cryptography.
The report also highlights AI-driven attacks on telecommunications infrastructure in Vietnam, as well as experiments involving multiple agent-based models collaborating to execute fraud in tandem. Collectively, these findings point to a new phase in the evolution of cybercrime, where AI emerges as a full-fledged accomplice in attacks.
Anthropic stressed that it has been proactive in blocking malicious accounts, sharing indicators of compromise with authorities and partners, and deploying a specialized classifier to detect such misuse early. The company also underscored that the growing abuse of AI poses grave concerns and demands coordinated action from industry, the research community, and governments alike. Looking ahead, Anthropic pledged to continue its investigations in this field and to further strengthen protective mechanisms.
