Anthropic's report smells a lot like bullshit

Where’s the proof, Anthropic? Commenters yell “show receipts” after scary spy-hack claim

TLDR: Anthropic claims a Chinese-backed spy group used its AI to run a major hack, but the report lacks the usual proof, sparking a chorus of “show receipts.” Commenters split between “marketing scare” and “understaffed team” theories, demanding evidence because these claims could shape security policy and trust in AI.

Anthropic dropped a thriller: their report says a Chinese state-backed spy team used Claude, their AI assistant, to run most of a hacking operation. The crowd’s reaction? A wall of side-eye and a chorus of “receipts, please.” The loudest gripe: there are no “IoCs” — simple breadcrumbs like suspicious web addresses or file fingerprints that let others check if they were hit. Without those, skeptics say it reads more like a movie trailer than a field report. One commenter joked, “Even Claude thinks it’s BS,” linking a cheeky tweet, while another couldn’t even load the critique because the site “is hostile to VPNs,” turning the whole thing into a meta-meme about gatekeeping. Some are charitable: maybe Anthropic just doesn’t have the right security team to publish a proper play-by-play. Others smell a marketing scare — a push to sell AI-for-defense or sway lawmakers, painting rivals as unsafe. The lightning-rod claim that AI did “80–90%” of the work is also getting roasted as unverifiable. The vibe is equal parts popcorn and pitchforks: half the crowd shouting “fearmongering,” the other half asking Anthropic to drop hard evidence. Until then, the internet’s verdict is simple: no details, no deal. Read the report? Sure. Believe it? Prove it.

Key Points

  • The article critiques Anthropic’s report for lacking standard threat-intelligence artifacts: indicators of compromise (IoCs) such as hashes, domains and IPs, and tactics, techniques and procedures (TTPs).
  • Anthropic’s executive summary claims detection of a Chinese state-sponsored group (GTG-1002) in September 2025 targeting ~30 entities with some successful intrusions.
  • The report asserts attackers used Claude/Claude Code as autonomous penetration testing agents, executing 80–90% of operations.
  • The article contrasts Anthropic’s report with CERT-FR’s detailed APT28 publications that include MITRE ATT&CK mapping, phishing details, tooling, and recommendations.
  • Without technical details or proofs, the article argues Anthropic’s claims are difficult to verify or act upon for security teams.

Hottest takes

"Even Claude thinks the report is bullshit." — kkzz99
"This could be a corporate move" — kace91
"try to fear monger… intention to lobby for legislation" — AyanamiKaine

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.