Archives AI News

[Anthropic] A hacker used Claude Code to automate ransomware

Published on August 27, 2025 2:57 PM GMTAnthropic post title: Detecting and countering misuse of AI: August 2025[1]Read the full report here. Below lines are from the Anthropic post, and have not been edited. Accompanying images are available at the original link.We find that threat actors have adapted their operations to exploit AI’s most advanced capabilities. Specifically, our report shows:Agentic AI has been weaponized. AI models are now being used to perform sophisticated cyberattacks, not just advise on how to carry them out.AI has lowered the barriers to sophisticated cybercrime. Criminals with few technical skills are using AI to conduct complex operations, such as developing ransomware, that would previously have required years of training.Cybercriminals and fraudsters have embedded AI throughout all stages of their operations. This includes profiling victims, analyzing stolen data, stealing credit card information, and creating false identities allowing fraud operations to expand their reach to more potential targets.Below, we summarize three case studies from our full report.‘Vibe hacking’: how cybercriminals used Claude Code to scale a data extortion operationThe threat: We recently disrupted a sophisticated cybercriminal that used Claude Code to commit large-scale theft and extortion of personal data. The actor targeted at least 17 distinct organizations, including in healthcare, the emergency services, and government and religious institutions. Rather than encrypt the stolen information with traditional ransomware, the actor threatened to expose the data publicly in order to attempt to extort victims into paying ransoms that sometimes exceeded $500,000.The actor used AI to what we believe is an unprecedented degree. Claude Code was used to automate reconnaissance, harvesting victims’ credentials, and penetrating networks. Claude was allowed to make both tactical and strategic decisions, such as deciding which data to exfiltrate, and how to craft psychologically targeted extortion demands. Claude analyzed the exfiltrated financial data to determine appropriate ransom amounts, and generated visually alarming ransom notes that were displayed on victim machines.Implications: This represents an evolution in AI-assisted cybercrime. Agentic AI tools are now being used to provide both technical advice and active operational support for attacks that would otherwise have required a team of operators. This makes defense and enforcement increasingly difficult, since these tools can adapt to defensive measures, like malware detection systems, in real time. We expect attacks like this to become more common as AI-assisted coding reduces the technical expertise required for cybercrime.Our response: We banned the accounts in question as soon as we discovered this operation. We have also developed a tailored classifier (an automated screening tool), and introduced a new detection method to help us discover activity like this as quickly as possible in the future. To help prevent similar abuse elsewhere, we have also shared technical indicators about the attack with relevant authorities.Remote worker fraud: how North Korean IT workers are scaling fraudulent employment with AIThe threat: We discovered that North Korean operatives had been using Claude to fraudulently secure and maintain remote employment positions at US Fortune 500 technology companies. This involved using our models to create elaborate false identities with convincing professional backgrounds, complete technical and coding assessments during the application process, and deliver actual technical work once hired.These employment schemes were designed to generate profit for the North Korean regime, in defiance of international sanctions. This is a long-running operation that began before the adoption of LLMs, and has been reported by the FBI.Implications: North Korean IT workers previously underwent years of specialized training prior to taking on remote technical work, which made the regime’s training capacity a major bottleneck. But AI has eliminated this constraint. Operators who cannot otherwise write basic code or communicate professionally in English are now able to pass technical interviews at reputable technology companies and then maintain their positions. This represents a fundamentally new phase for these employment scams.Our response: when we discovered this activity we immediately banned the relevant accounts, and have since improved our tools for collecting, storing, and correlating the known indicators of this scam. We’ve also shared our findings with the relevant authorities, and we’ll continue to monitor for attempts to commit fraud using our services.No-code malware: selling AI-generated ransomware-as-a-serviceThe threat: A cybercriminal used Claude to develop, market, and distribute several variants of ransomware, each with advanced evasion capabilities, encryption, and anti-recovery mechanisms. The ransomware packages were sold on internet forums to other cybercriminals for $400 to $1200 USD.Implications: This actor appears to have been dependent on AI to develop functional malware. Without Claude’s assistance, they could not implement or troubleshoot core malware components, like encryption algorithms, anti-analysis techniques, or Windows internals manipulation.Our response: We have banned the account associated with this operation, and alerted our partners. We’ve also implemented new methods for detecting malware upload, modification, and generation, to more effectively prevent the exploitation of our platform in the future.Next stepsIn each of the cases described above, the abuses we’ve uncovered have informed updates to our preventative safety measures. We have also shared details of our findings, including indicators of misuse, with third-party safety teams.In the full report, we address a number of other malicious uses of our models, including an attempt to compromise Vietnamese telecommunications infrastructure, and the use of multiple AI agents to commit fraud. The growth of AI-enhanced fraud and cybercrime is particularly concerning to us, and we plan to prioritize further research in this area.We’re committed to continually improving our methods for detecting and mitigating these harmful uses of our models. We hope this report helps those in industry, government, and the wider research community strengthen their own defenses against the abuse of AI systems.Further readingFor the full report with additional case studies, see here.^I initially noticed this report from tjohnson314 in the Manifold Discord server, who linked to this NBC article about the Anthropic reportDiscuss

Trump Seeks to Cancel CHIPS Act R&D Organization’s Funds

The U.S. Commerce Department says it will not abide by an agreement to fund the U.S. CHIPS and Science Act’s R&D through the nonprofit set up to administer the program, called Natcast. Instead, it handed operational control to the National Institute of Standards and Technology (NIST).Natcast was created in 2023 to oversee the National Semiconductor Technology Center (NSTC), which the law established to conduct “research and prototyping of advanced semiconductor technology and grow the domestic semiconductor workforce to strengthen the economic competitiveness and security of the domestic supply chain.” The nonprofit was contracted to receive a total of US $7.4 billion, in annual payments and when the organization reaches milestones. But Commerce Secretary Howard Lutnick claimed that Natcast doesn’t meet certain legal requirements, and therefore the contract, inked less than a week before Donald J. Trump took office for the second time, is illegal. Several NSTC proponents whom IEEE Spectrum spoke to are concerned that the move could squander U.S. semiconductor leadership in the long term. The goal of the NSTC, those involved say, is to make gains in semiconductors from the CHIPS Act durable through continued advances. Since its establishment, Natcast has been working to bring up three key centers to execute those functions. In Silicon Valley, it’s established a workforce development and design enablement center. In New York, it opened a center for extreme-ultraviolet lithography for cutting edge chipmaking. And in Arizona, it plans to build a prototyping and packaging facility. The centers are intended to help startups and other companies more easily bridge the lab-to-fab gap that currently prevents new technologies from making it into commercial products.“There were people from day one…who viewed [Natcast] as very much a political entity and wanted to undo it”The CHIPS Act requires that the NSTC be operated as a “public private-sector consortium with participation from the private sector” instead of by a government agency. During the Biden administration, the Commerce Department created Natcast to fill that role, deliberately setting it up in a way to help maintain its independence from political interference. In a public letter to Natcast CEO Deirdre Hanford, Lutnick cast the actions of Hanford, her staff, and the volunteer advisors involved in the organization’s creation as giving “the appearance of impropriety” and flouting “federal law.” “From the very beginning Natcast served as a semiconductor slush fund that did nothing but line the pockets of Biden loyalists with American tax dollars,” he said in a press release.(IEEE Spectrum sought additional comment from the Commerce Department and from Natcast but did not receive a reply by press time.)Very little funding has actually been delivered, sources say, in part because Commerce has held up its dispersal. (Despite this, NSTC does have a list of accomplishments and is planning a symposium in September at which it will unveil its research agenda.) Lutnick’s legal argument for refusing payment now is that Natcast wasn’t established in accordance with the Government Corporation Control Act, which lays out how government agencies establish or purchase corporations. One person familiar with the situation who asked not to be named says that the structure of Natcast is typical of public-private partnerships and that its underpinnings were thoroughly reviewed by the Commerce Department before its establishment. What’s really at issue, this person says, is Natcast’s independence.“What was set up… was always designed with a long-term strategy in mind. I don’t think they’ll get that back…. I think all of that has gone away with this decision”“There were people from day one…who viewed [Natcast] as very much a political entity and wanted to undo it,” says this person.In the letter, Lutnick takes aim at Hanford, formerly a top executive at electronic design automation giant Synopsys, as well as at Natcast staffers who came over from government during the Biden administration or from a volunteer industrial advisory committee that included IEEE Fellows and other chip industry leaders. Targeting such people is concerning, says one expert who preferred not to be named, because chip experts who choose to work in government or at Natcast are usually giving up more lucrative work to serve their country. It has the effect of “punishing patriotic behavior,” the expert said.Delaying the work of the NSTC by attacking Natcast is counterproductive for the U.S. chip industry, the expert added. “We are in a race, and these delays make it all the more urgent.”Commerce will likely find some way to spend the money on semiconductor R&D eventually, sources agreed. One expert told Spectrum they have faith in NIST’s ability to administer the research funding. Mark Granahan, an early proponent of the CHIPS Act and CEO of Ideal Semiconductor, in Bethlehem, Penn., went further. “If the administration has a different tactic but the same goal… not just independence in semiconductors but leadership… then NIST and other existing infrastructure is capable of handling things,” he said.But other sources were skeptical it would have the same impact as Natcast. “What was set up… was always designed with a long-term strategy in mind,” said one person. “I don’t think they’ll get that back…. I think all of that has gone away with this decision.”

Mercury foundation models from Inception Labs are now available in Amazon Bedrock Marketplace and Amazon SageMaker JumpStart

In this post, we announce that Mercury and Mercury Coder foundation models from Inception Labs are now available through Amazon Bedrock Marketplace and Amazon SageMaker JumpStart. We demonstrate how to deploy these ultra-fast diffusion-based language models that can generate up to 1,100 tokens per second on NVIDIA H100 GPUs, and showcase their capabilities in code generation and tool use scenarios.