danenania 13 hours ago

I wrote this for my company’s blog about the recent hack that Anthropic reported, where a China-linked group carried out an attack against many targets using Claude Code.

It goes into the tension between capabilities and safety (from a security perspective) and why it’s not an easy problem to fix. Would love to hear your thoughts!

verdverm 12 hours ago | parent [-]

Another post hit HN yesterday which claims that

1. No part of the attack required an LLM or agent, it used open source malware anyone can run

2. A more probable explanation is that Claude provided a remote execution environment that is less likely to be blocked because the originating source is a US IP instead of typical malware IPs

What are your thoughts on this (paraphrased) analysis?

(edit) apparently Anthropic has corrected the scale of the attack

> Corrected an error about the speed of the attack: not "thousands of requests per second" but "thousands of requests, often multiple per second"

danenania 11 hours ago | parent [-]

I think that makes sense. The change is not really in the kind of attack—anything the agent can do a human attacker could also do—but in the amount of effort and expertise required to design and scale up the attack.

It’s a quantitative rather than qualitative change… but also, “quantity has a quality all its own”.