| SYMBOL | COMMON_NAME | aka. SYNONYMS |
GTG-1002 is a Chinese state-sponsored APT that conducted a large-scale autonomous cyber espionage campaign targeting approximately 30 global organizations across various sectors, focusing on military and energy-related data. The operation utilized AI, specifically Anthropic’s Claude model, for reconnaissance, exploitation, and data exfiltration, significantly reducing human involvement. Attackers employed techniques such as automated task execution and evasion of safety protocols by masquerading as legal security testing. The campaign lasted 18 months and highlighted vulnerabilities in traditional incident response workflows.
There are currently no families associated with this actor.
| 2025-11-28
⋅
SOCRadar
⋅
AI-Powered Cyber Espionage: Inside the GTG-1002 Campaign GTG-1002 |
| 2025-11-13
⋅
Anthropic
⋅
Disrupting the first reported AI-orchestrated cyber espionage campaign GTG-1002 |