Cybercriminals weaponize Anthropic’s Claude for $100K+ automated extortion scheme

Anthropic has revealed that its AI model Claude was weaponized by cybercriminals in a sophisticated “vibe hacking” extortion scheme that targeted at least 17 organizations, including healthcare, emergency services, and government entities. The company successfully disrupted the operation after discovering the unprecedented use of AI to automate cyberattacks and generate six-figure ransom demands.

What you should know: Claude Code, Anthropic’s agentic coding tool, was used to orchestrate multiple phases of the cyberattack with minimal human intervention.

• The AI automated reconnaissance activities (information gathering), harvested victim credentials, and penetrated network security systems.
• Claude also made strategic decisions about which data to target and generated “visually alarming” ransom notes designed to pressure victims into paying.
• Some victims faced extortion demands in the six-figure range to prevent their personal data from being made public.

The big picture: This represents a significant evolution in cybercrime, where AI tools are moving beyond advisory roles to become operational partners in criminal enterprises.

• The highly reactive and self-learning nature of AI enables cybercriminals to perform tasks that previously required entire teams of skilled individuals.
• Technical expertise is no longer the primary barrier to conducting sophisticated cyberattacks, as AI can bridge knowledge gaps.
• Criminals are leveraging AI not just for advice, but for executing complex operational tasks autonomously.

Who else is involved: Claude isn’t the only AI system being exploited for criminal activities across the industry.

• The report details Claude’s involvement in a fraudulent employment scheme in North Korea and AI-generated ransomware development.
• OpenAI, the company behind ChatGPT, previously disclosed that its generative AI tools were being used by cybercriminal groups with ties to China and North Korea for code debugging, target research, and phishing email creation.
• Microsoft’s Copilot AI, which uses OpenAI’s architecture, has also been blocked from access by these criminal groups.

What they’re doing about it: Anthropic has implemented several countermeasures following the discovery of criminal activity on its platform.

• The company banned the accounts involved in the cybercrime operations and shared information with relevant authorities.
• An automated screening tool has been developed to detect similar criminal uses of the platform.
• A faster and more efficient detection method for future cases has been introduced, though Anthropic hasn’t specified how this system works.