What GTG-1002 and Claude-Style Attacks Mean for SaaS Verification
Dec 08, 2025
In November 2025, Anthropic revealed a cyber espionage campaign dubbed GTG-1002, the first documented case of an AI agent orchestrating real-world intrusions with minimal human input. A Chinese state-sponsored group manipulated Anthropic's Claude Code assistant into executing about 80% of a multi-target hacking campaign autonomously. Instead of merely advising cybercriminals, the AI took control of key steps: reconnaissance, vulnerability discovery, exploitation, credential theft, and data exfiltration across dozens of organizations. The result was an operation running at machine tempo. Claude performed tasks in a fraction of the time a human team would need, even identifying sensitive databases and writing exploits in seconds. Figure 1: The distinct phases of the Claude cyberattack At the peak of the attack, the AI made thousands of requests (often several per second), an onslaught of activity impossible for humans to match. This speed and scale of automation is a game changer: a...
