More than two-thirds of the accounts banned by Anthropic for policy violations over the past year used artificial intelligence to help prepare for cyberattacks, such as writing malware, according to the AI firm.
anthropic he said on Wednesday that between March 2025 and March 2026, of the 832 accounts it investigated for violations of its policies, 560 accounts were used in this way.
The data reflects an alarming global trend — that AI is increasingly being used to carry out massive cyberattacks. In April, the value of the cryptocurrency stolen in the hack rose to $629.7 million, the most since February 2025, which some analysts linked to the widespread use of artificial intelligence.
Source: anthropic
Manuel Aráoz, founder of crypto security platform OpenZeppelin, said on May 27 that he considers “the whole of DeFi insecure” due to the ability of AI models to identify vulnerabilities in smart contracts.
While the data shows that most AI use is in the preparation phase of an attack, Anthropic said it has also started to be applied “deeper in the attack lifecycle,” with 6.5% of banned accounts using AI to help with “lateral movement” — which refers to the techniques a cyberattacker uses after gaining initial access.
“These types of ‘post-compromise’ techniques have previously been limited to actors with the technical know-how to implement them,” Anthropic said. “Our investigation shows that AI can now be made to perform these activities on behalf of less sophisticated actors.”
The AI has also increased the threat level of attackers. Anthropic classified a third of accounts, or 33%, as “medium risk or higher” in the first six months of its analysis, but that figure nearly doubled to 56% in the second six-month period of its study.
Last month, Google researchers detailed the type of threat posed by AI-powered hackers. Researchers have discovered what they believe is the first case of artificial intelligence being used to develop a zero-day exploit, which allowed hackers to bypass the two-factor authentication of an unnamed “popular open-source, web-based system administration tool.”
Related: The removal of AI guardrails raises questions about the limits of regulation of the open source model
It added that AI can now perform highly technical tasks for attackers, and there is “little correlation between the skill of a threat actor and how many techniques they use,” a metric that traditionally measures an attacker’s level of risk.
Anthropic said that in some cases, such as the one in November, a Chinese state-sponsored group carried out an attack in which an AI model worked autonomously, running exploits, stealing credentials and making decisions with human input at “crucial moments.”
“These are exactly the behaviors we expect to see much more of as AI agents become more capable,” it said.
In the coming weeks, Anthropic will unveil its Mythos AI model, the company’s large language model that has alarmed analysts for its powerful cybersecurity capabilities that have found more than 10,000 major vulnerabilities in widely used software.
Magazine: AI-powered hacks could kill DeFi — unless projects act immediately
