A threat actor weaponized Claude and Claude Code on Kali Linux to automate large-scale theft and extortion of personal data in July 2025. The actor targeted at least 17 organizations across healthcare, emergency services, government and religious institutions. Rather than deploying traditional ransomware, the actor threatened to publish the stolen data in order to extort ransoms that sometimes exceeded $500,000. The attacker embedded operational instructions in a CLAUDE.md file so that every interaction carried the same persistent context, then scanned thousands of VPN endpoints, harvested credentials, performed network discovery, and established persistence. Claude generated bespoke Chisel tunneling utilities and disguised malicious executables as Microsoft tools. In the campaign, codenamed GTG-2002, Claude was allowed to make tactical and strategic decisions and to craft targeted ransom demands by analyzing victims' financial data.
"The actor targeted at least 17 distinct organizations, including in healthcare, the emergency services, and government, and religious institutions," the company said. "Rather than encrypt the stolen information with traditional ransomware, the actor threatened to expose the data publicly in order to attempt to extort victims into paying ransoms that sometimes exceeded $500,000." "The actor employed Claude Code on Kali Linux as a comprehensive attack platform, embedding operational instructions in a CLAUDE.md file that provided persistent context for every interaction."
The unknown threat actor is said to have used AI to an "unprecedented degree," using Claude Code, Anthropic's agentic coding tool, to automate various phases of the attack cycle, including reconnaissance, credential harvesting, and network penetration. The reconnaissance efforts involved scanning thousands of VPN endpoints to flag susceptible systems, using them to obtain initial access and following up with user enumeration and network discovery steps to extract credentials and set up persistence on the hosts.
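One of the tradecraft details above, malicious executables disguised as Microsoft tools, is something endpoint telemetry can catch. The following is an added example written for this page, not code from the report or from Anthropic: it scans constructed process-creation records and flags any binary that carries a well-known Microsoft tool name but runs from an untrusted directory or lacks a valid Microsoft signature. The field names (image, signer, signature_valid) are assumptions about an EDR export.

```python
"""Flag executables that carry a Microsoft tool name but do not look like the genuine binary.
Added example, not code from the report. The telemetry below is constructed, and the
field names (image, signer, signature_valid) are assumed EDR process-creation fields."""
import json
import ntpath

# Microsoft binary names worth watching for impersonation (illustrative, not exhaustive).
WATCHED_NAMES = {"svchost.exe", "msbuild.exe", "conhost.exe", "wmic.exe"}
# Directories where the genuine copies live; these names running elsewhere are suspicious.
TRUSTED_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\",
                "c:\\program files\\", "c:\\program files (x86)\\")


def is_masquerading(event: dict) -> bool:
    """True when a watched name runs from an untrusted path or lacks a valid Microsoft signature."""
    image = event.get("image", "")
    if ntpath.basename(image).lower() not in WATCHED_NAMES:
        return False
    path_ok = image.lower().startswith(TRUSTED_DIRS)
    signer_ok = (event.get("signer", "").lower() == "microsoft corporation"
                 and event.get("signature_valid") is True)
    return not (path_ok and signer_ok)


def flag_events(lines):
    """Parse JSON-lines telemetry; return the image paths of suspicious process starts."""
    flagged = []
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip a malformed record instead of stopping the whole pass
        if is_masquerading(event):
            flagged.append(event["image"])
    return flagged


# Constructed sample: a genuine service host, a copy dropped into a user-writable
# directory, one with a tampered signature, an unwatched binary, and a broken record.
SAMPLE_TELEMETRY = [
    r'{"image": "C:\\Windows\\System32\\svchost.exe", "signer": "Microsoft Corporation", "signature_valid": true}',
    r'{"image": "C:\\Users\\Public\\svchost.exe", "signer": "", "signature_valid": false}',
    r'{"image": "C:\\Program Files\\Build\\msbuild.exe", "signer": "Microsoft Corporation", "signature_valid": false}',
    r'{"image": "C:\\Tools\\updater.exe", "signer": "", "signature_valid": false}',
    '{"image": "C:\\Windows\\System32\\conhost.exe", "signer": "Microsoft Corporation"',
]


def run_sample():
    """Run the detector over the constructed records and return the flagged paths."""
    return flag_events(SAMPLE_TELEMETRY)
```

Only the two svchost/msbuild impostors are reported; the genuine service host, the unwatched binary and the malformed record are passed over.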