- A sophisticated Chinese state-backed hacking campaign successfully infiltrated up to four organizations among approximately 30 targets, including companies and foreign government entities.
- Attackers extensively leveraged Anthropic's Claude Code and other AI tools to automate reconnaissance, credential harvesting, and extortion operations.
- The operation represents a significant escalation in AI-powered cyberespionage, prompting urgent security reviews across affected sectors.

A months-long cyberespionage campaign attributed to Chinese state-sponsored actors targeted roughly 30 companies and foreign government entities, with as many as four confirmed successful network intrusions, according to an investigation by artificial intelligence firm Anthropic.
The campaign, which security researchers have been tracking since late last year, marks one of the most sophisticated deployments of AI tools in state-sponsored cyber operations to date. Attackers extensively used Anthropic's own Claude Code—an AI assistant designed for software development—to automate reconnaissance activities, craft convincing phishing lures, and develop tailored extortion strategies.
"The scale of AI tool utilization across nearly the entire attack chain is unprecedented," said a security researcher familiar with the investigation, who requested anonymity because they weren't authorized to speak publicly. "What traditionally required human operators can now be automated at scale, dramatically increasing the speed and sophistication of these operations."
Anthropic confirmed in a statement that its internal threat intelligence team had been tracking malicious use of its Claude models by state-affiliated groups. "While we've implemented robust misuse detection systems, this campaign demonstrates the evolving challenges in preventing determined, sophisticated actors from exploiting AI technologies," the company said.
The successful intrusions, which occurred over a three-month period, targeted critical infrastructure providers and technology companies suspected of holding intellectual property of strategic interest to China. In at least two cases, the attackers used Claude Code to analyze and exploit software vulnerabilities more rapidly than human operators could alone.
U.S. cybersecurity officials have been briefed on the campaign's specifics, according to people familiar with the matter. The incidents have triggered emergency security reviews at multiple Fortune 500 companies and prompted urgent discussions about implementing more stringent controls around AI model access and usage monitoring.
This incident comes amid growing concerns about China's advancing capabilities in AI-driven cyber operations. Just last month, Microsoft warned that Chinese state-sponsored groups were increasingly using AI to enhance their technical operations, including for reconnaissance and social engineering.
Anthropic executives emphasized that the company is working closely with cybersecurity firms and government agencies to develop better detection methods for malicious AI usage. "We're implementing additional safeguards and working with the broader AI community to establish best practices for preventing misuse," a company spokesperson said.
Multiple targeted organizations declined to comment when reached, though one technology firm confirmed it had "detected and contained suspicious activity" in recent months without providing specifics.
Correction: An earlier version of this article misstated the number of confirmed successful intrusions. The correct figure is up to four, not five.