Anthropic Report Details Claude Misuse for Influence Operations, Credential Stuffing, Recruitment Fraud, and Malware Development

April 23, 2025

In April 2025, Anthropic released a report disclosing several misuses of its Claude LLM, all detected in March. These included an 'influence-as-a-service' operation leveraging over 100 social media bots; an attempt to probe and test leaked credentials for security camera access; a recruitment fraud campaign targeting Eastern Europe; and a novice actor creating advanced malware. Anthropic suspended the implicated accounts, yet could not verify whether their work had further consequences. This case underscores the need for responsible AI governance, such as that provided by Project Cerebellum and its TAIM (Govern) mechanism.

For those interested in shaping safe and secure AI practices, JOIN US. Together, we can contribute to the HISPI Project Cerebellum TAIM (Govern) efforts.

Alleged deployer

unknown-malicious-actors, unknown-cybercriminals, influence-as-a-service-operators

Alleged developer

anthropic

Alleged harmed parties

social-media-users, people-targeted-by-malware, job-seekers-in-eastern-europe, iot-security-camera-owners, epistemic-integrity, national-security-and-intelligence-stakeholders

Data source

Incident data is from the AI Incident Database (AIID).

When citing the database as a whole, please use:

McGregor, S. (2021) Preventing Repeated Real World AI Failures by Cataloging Incidents: The AI Incident Database. In Proceedings of the Thirty-Third Annual Conference on Innovative Applications of Artificial Intelligence (IAAI-21). Virtual Conference.

Pre-print on arXiv · Database snapshots & citation guide

We use weekly snapshots of the AIID for stable reference. For the official suggested citation of a specific incident, use the “Cite this incident” link on each incident page.

Anthropic Report Details Claude Misuse for Influence Operations, Credential Stuffing, Recruitment Fraud, and Malware Development

Matched TAIM controls