Chinese Hackers Attack 30 Locations with One Click: Intrusion Attempt Using AI Automation

ARTIFICIAL INTELLIGENCE-AI, 24 Nov 2025

Tomoko Takeuchi – TRANSCEND Media Service

— Cases Confirmed of Intrusion Attempts Using Commercial AI Models by Suspected China-Backed Organization —

— Automated Attacks Using Coding Models… Accelerating Movement to Minimize Human Intrusion —

14 Nov 2025 – It has been revealed that a hacker group suspected of being backed by the Chinese government attempted a large-scale intrusion attack using the “Claude” model from US AI startup Anthropic.

– [Anthropic Warns of AI-Driven Hacking Campaign Linked to China]

– [Anthropic Says Chinese Hackers Used Its AI for Cyberattack]

– [Meet the Chinese ‘Typhoon’ hackers preparing for war]

– [The International Criminal Court Will Now Prosecute Cyberwar Crimes]

On the 13th (local time) of this month, Anthropic confirmed attacks targeting a total of 30 locations, including government agencies, major technology companies, financial institutions, and chemical manufacturers, in September of this year, and revealed that actual intrusions had occurred in some cases.

– [Hackers Used Anthropic’s Claude to Automate 30 Cyberattacks]

– [Disrupting the first reported AI-orchestrated cyber espionage campaign \ Anthropic]

A distinctive feature of this attack is that the hackers used the coding model “Claude Code” to automate most of the tasks.

Jacob Klein, Anthropic’s head of threat intelligence, told The Wall Street Journal, “This attack was literally carried out with one click and minimal human intervention.” Humans only played a limited role, such as fact-checking and providing instructions for specific processes.

The attacker used “jailbreaking” techniques to circumvent the AI ​​model’s safeguards. He reportedly circumvented Claude’s restrictions by falsely representing himself as an employee of a legitimate security company and claiming to be conducting intrusion prevention tests.

– [New AI Jailbreak Method ‘Bad Likert Judge’ Boosts Attack Success Rates by Over 60%]

– [How Anthropic’s AI was jailbroken to become a weapon]

However, Claude occasionally exhibited errors that appeared to be “hallucinations,” such as generating non-existent credentials and falsely claiming to be able to extract confidential information from public documents.

Upon detecting the suspicious activity, Anthropic immediately suspended the account in question and, after a 10-day investigation, reported the matter to the relevant authorities.

Regarding concerns about the potential for AI models to be misused, Anthropic stated, “The very capabilities that can be used for attacks are essential for security detection and defense.” It added, “We will continue to develop Claude, equipped with powerful safeguards, so that it can help experts improve their threat detection and defense capabilities.”

–  [How China’s growing cyber-hacking capabilities have raised alarm around the world]

Notes:

1. The hyperlinks in the paragraphs and those with brackets [ ], with the italic letters at the end of some paragraphs were added by the translator for the convenience of the reader.
2. The views and/or opinions in those hyperlinks added by the translator do not necessarily reflect those of his. In addition, it is either impossible or unavailable for the translator to verify the genuineness of the information in those links. He does not take any responsibility for the contents in those relevant links at all.
3. One or a few supplementary words, phrases or sentences in Italic letters without underlines in brackets [ ] or Gothic letters were added to show the original author’s message in some contexts or sentences clearer where deemed necessary, while the essential meaning in the original message of the author was retained, neither modified nor changed at all. 
4. The views and/or opinions expressed in the above-mentioned article are those of Tomoko Takeuchi, who is the original author. Her views and/or opinions do not necessarily reflect those of those of the translator. Therefore, the reader is kindly requested to understand, interpret or judge those views and/or opinions at his or her own responsibility.
5. The original article in Japanese was published more than a few days or a few weeks ago. Meanwhile, the situations and/or conditions referred to in the article might have been changed. This also means that the author’s argument expressed and/or the information provided in the article might have become inadequate or less or least adequate, obsolete, out of date or no longer valid by the time the reader reads this English translation article. 

_______________________________________________

Tomoko Takeuchi is a journalist for the Japanese edition of Kangnam Times (a.k.a. Gangnam Times), a South Korean curation information portal service, where she has written more than 3000 articles.

Translation: Satoshi Ashikaga – Google Translate

Original in Japanese:  中国系ハッカー、商用AIを武器化し30拠点へ“瞬時侵入” – 江南タイムズ

This article originally appeared on Transcend Media Service (TMS) on 24 Nov 2025.

Anticopyright: Editorials and articles originated on TMS may be freely reprinted, disseminated, translated and used as background material, provided an acknowledgement and link to the source, TMS: Chinese Hackers Attack 30 Locations with One Click: Intrusion Attempt Using AI Automation, is included. Thank you.

If you enjoyed this article, please donate to TMS to join the growing list of TMS Supporters.

Share this article: email mastodon facebook 🔗 copy link

This work is licensed under a CC BY-NC 4.0 License.

There are no comments so far.