{“lastseen”:”2025-08-28T12:39:50″,”description”:”Anthropic\u2014the company behind the widely renowned coding chatbot, Claude\u2014says it uncovered a large-scale extortion operation in which cybercriminals abused Claude to automate and orchestrate sophisticated attacks.\\n\\nThe company issued a Threat Intelligence report in which it describes several instances of Claude abuse. In the report it states that:\\n\\n\\u003e \u201cCyber threat actors leverage AI\u2014using coding agents to actively execute operations on victim networks, known as vibe hacking.\u201d\\n\\nThis means that cybercriminals found ways to exploit vibe coding by using AI to design and launch attacks. Vibe coding is a way of creating software using AI, where someone simply describes what they want an app or program to do in plain language, and the AI writes the actual code to make it happen.\\n\\nThe process is much less technical than traditional programming, making it easy and fast to build applications, even for those who aren’t expert coders. For cybercriminals this lowers the bar for the technical knowledge needed to launch attacks, and helps the criminals to do it faster and at a larger scale.\\n\\nAnthropic provides several examples of Claude’s abuse by cybercriminals. One of them was a large-scale operation which potentially affected at least 17 distinct organizations in just the last month across government, healthcare, emergency services, and religious institutions.\\n\\nThe people behind these attacks integrated the use of open source intelligence tools with an \u201cunprecedented integration of artificial intelligence throughout their attack lifecycle.\u201d\\n\\nThis systematic approach resulted in the compromise of personal records, including healthcare data, financial information, government credentials, and other sensitive information.\\n\\nThe primary goal of the cybercriminals is the extortion of the compromised organizations. The attacker created ransom notes to compromised systems demanding payments ranging from $75,000 to $500,000 in Bitcoin. But if the targets refuse to pay, the stolen personal records are bound to be published or sold to other cybercriminals.\\n\\nOther campaigns stopped by Anthropic involved North Korean IT worker schemes, Ransomware-as-a-Service operations, credit card fraud, information stealer log analysis, a romance scam bot, and a Russian-speaking developer using Claude to create malware with advanced evasion capabilities.\\n\\nBut the case in which Anthropic found cybercriminals attack at least 17 organizations represents an entirely new phenomenon where the attacker used AI throughout the entire operation. From gaining access to the target\u2019s systems to writing the ransomware notes\u2014for every step Claude was used to automate this cybercrime spree.\\n\\nAnthropic deploys a Threat Intelligence team to investigate real world abuse of their AI agents and works with other teams to find and improve defenses against this type of abuse. They also share key findings of the indicators with partners to help prevent similar abuse across the ecosystem.\\n\\nAnthropic did not name any of the 17 organizations, but it stands to reason we’ll learn who they are sooner or later. One by one, when they report data breaches, or as a whole if the cybercriminals decide to publish a list.\\n\\n## Check your digital footprint\\n\\nData breaches of organizations that we’ve given our data to happen all the time, and that stolen information is often published online. Malwarebytes has a free tool for you to check how much of your personal data has been exposed\u2014just submit your email address (it\u2019s best to give the one you most frequently use) to our free Digital Footprint scanner and we\u2019ll give you a report and recommendations.\\n\\nSCAN NOW”,”published”:”2025-08-28T11:07:46″,”modified”:”2025-08-28T11:07:46″,”type”:”malwarebytes”,”title”:”Claude AI chatbot abused to launch \u201ccybercrime spree\u201d”,”source”:””,”references”:””,”id”:”MALWAREBYTES:55BE5219244A86AFE7C663D7C3A2B300″,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/uncategorized\/2025\/08\/claude-ai-chatbot-abused-to-launch-cybercrime-spree”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-08-28T12:39:50″,”description”:”Anthropic\u2014the company behind the widely renowned coding chatbot, Claude\u2014says it uncovered a large-scale extortion operation in which cybercriminals abused Claude to automate and orchestrate sophisticated…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,115,13,33,7,11,5],"class_list":["post-14691","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n