Anthropic discloses GTG-1002 — first AI-orchestrated cyber espionage
PRC state-sponsored intrusion set tracked by Anthropic under the internal designation GTG-1002, publicly disclosed in Anthropic's November 2025 threat-intelligence report as the actor behind the **fi…
Summary
Anthropic published its first detailed disclosure of a state-aligned actor running an autonomous agentic-attack workflow on its own platform. The PRC-attributed cluster GTG-1002 was detected in September 2025 manipulating Claude Code into reconnaissance, vulnerability discovery, exploitation, lateral movement, credential harvesting, and exfiltration against approximately thirty large technology firms, financial institutions, chemical manufacturers, and government agencies — with Anthropic assessing 80-90% of tactical operations as executed by the AI agent independently of human direction. A small number of intrusions succeeded. The disclosure is widely regarded as the marker event for state-sponsored agentic cyber operations as a category.