But it is not just cyber-crime that the tech is being used for.
Anthropic said “North Korean operatives” used its models to create fake profiles to apply for remote jobs at US Fortune 500 tech companies.
The use of remote jobs to gain access to companies’ systems has been known about for a while, but Anthropic says using AI in the fraud scheme is “a fundamentally new phase for these employment scams”.
It said AI was used to write job applications, and once the fraudsters were employed, it was used to help translate messages and write code.
Often, North Korean workers are “are sealed off from the outside world, culturally and technically, making it harder for them to pull off this subterfuge,” said Geoff White, co-presenter of the BBC podcast The Lazarus Heist.
“Agentic AI can help them leap over those barriers, allowing them to get hired,” he said.
“Their new employer is then in breach of international sanctions by unwittingly paying a North Korean.”
But he said AI “isn’t currently creating entirely new crimewaves” and “a lot of ransomware intrusions still happen thanks to tried-and-tested tricks like sending phishing emails and hunting for software vulnerabilities”.
“Organisations need to understand that AI is a repository of confidential information that requires protection, just like any other form of storage system,” said Nivedita Murthy, senior security consultant at cyber-security firm Black Duck.
