As generative artificial intelligence emerges, digital innovation is evolving at an unprecedented rate, but it is also quietly reshaping cybercrime in a subtle way. Tools originally designed for the purpose of research, coding, and problem-solving are now being explored for a variety of less benign purposes as well.
This fact has been illustrated in a troubling fashion by recent revelations that threat actors have exploited the capabilities of Claude in order to support a large-scale intrusion targeting Mexican government networks.
A security researcher at Gambit Security reported that attackers extracted approximately 150 gigabytes of sensitive information from multiple Mexican government agencies, demonstrating how widely accessible artificial intelligence systems can be manipulated to assist sophisticated cyber operations despite built-in safeguards despite their ease of use.
It has been determined that the intrusion was not limited to passive reconnaissance. The attacker is believed to have used Claude throughout the campaign as an interactive tool for research and development.
Gambit Security has released an analysis that indicates that the activity began in December, and continued for approximately a month, during which the chatbot was repeatedly instructed to identify potential vulnerabilities within government networks and to create scripts for exploiting those vulnerabilities.
Using the same AI model, methods were also outlined for automating sensitive information extraction, effectively turning the model into an assistant for data extraction. In a series of carefully structured prompts, the operator gradually weakened the built-in safeguards of the model, thereby manipulating it slowly.
There have been reports that the system has rejected initial requests, but subsequent iterations seem to have bypassed the platform’s guardrails and generated increasingly more actionable material. The extent of the assistance presented by the model raised particular concerns among analysts.
According to Curtis Simpson, the system produced thousands of analytical outputs which detailed potential attack paths, internal network targets, and credential-related strategies, thereby providing guidance on how to proceed within compromised environments. These outputs were more structured operational guidance for the campaign’s human operator than casual responses.
According to Anthropic, an internal investigation had been initiated following the disclosure and that the activity had been disrupted and the accounts associated with the misuse were permanently banned. According to a company representative, safeguards are continuing to develop.
For example, the Claude Opus 4.6 model incorporates additional mechanisms to detect and block similar forms of abuse in the latest iteration.
In the time of publishing, it had not been officially determined that the individuals responsible for the intrusion were part of any advanced persistent threat group that had been publicly identified.
Nonetheless, analysts examining the operation noted several similarities with tactics historically associated with espionage campaigns involving Chinese actors.
As a result of intelligence gathered
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: