Unknown malicious actors

Incidents involved as Deployer

Incident 10545 Report
Anthropic Report Details Claude Misuse for Influence Operations, Credential Stuffing, Recruitment Fraud, and Malware Development

2025-04-23

In April 2025, Anthropic published a report detailing several misuse cases involving its Claude LLM, all detected in March. These included an "influence-as-a-service" operation that orchestrated over 100 social media bots; an effort to scrape and test leaked credentials for security camera access; a recruitment fraud campaign targeting Eastern Europe; and a novice actor developing sophisticated malware. Anthropic banned the accounts involved but could not confirm downstream deployment.

Incident 10153 Report
Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

2025-04-07

Xanthorox AI is a malicious, modular AI system released on darknet forums in early 2025. Designed from scratch for offensive cyber operations, it runs on private infrastructure and includes models for code generation, phishing, malware, social engineering, and real-time voice/image input. Its release represents a deliberate deployment of an autonomous attack platform.

Unknown malicious actors

Incidents involved as Deployer

Incident 10545 ReportAnthropic Report Details Claude Misuse for Influence Operations, Credential Stuffing, Recruitment Fraud, and Malware Development

Incident 10153 ReportReported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

Related Entities Related EntitiesOther entities that are related to the same incident. For example, if the developer of an incident is this entity but the deployer is another entity, they are marked as related entities.

Related Entities

Darknet forum users

Incidents involved as Deployer

Cyber criminals

Incidents involved as Deployer

Cyber criminal networks

Incidents involved as Deployer

Xanthorox AI creators

Incidents involved as Developer

Unknown black-hat AI developers

Incidents involved as Developer

Victims of phishing attacks

Incidents Harmed By

Victims of malware attacks

Incidents Harmed By

Victims of automated cybercrime

Incidents Harmed By

General public

Incidents Harmed By

Enterprise IT systems

Incidents Harmed By

Critical infrastructure systems

Incidents Harmed By

Xanthorox Vision

Incidents implicated systems

Xanthorox Reasoner Advanced

Incidents implicated systems

Xanthorox Coder

Incidents implicated systems

Xanthorox AI

Incidents implicated systems

Voice and image handling modules

Incidents implicated systems

Live web scraping module

Incidents implicated systems

Unknown cybercriminals

Incidents involved as Deployer

Influence-as-a-service operators

Incidents involved as Deployer

Anthropic

Incidents involved as Developer

social media users

Incidents Harmed By

People targeted by malware

Incidents Harmed By

Job seekers in Eastern Europe

Incidents Harmed By

IoT security camera owners

Incidents Harmed By

LLM-enhanced malware toolkits

Incidents implicated systems

Claude AI models

Incidents implicated systems

Claude

Incidents implicated systems

AI-generated social media bots

Incidents implicated systems

Incident 10545 Report
Anthropic Report Details Claude Misuse for Influence Operations, Credential Stuffing, Recruitment Fraud, and Malware Development

Incident 10153 Report
Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

Related Entities