Source link : https://tech365.info/claude-didnt-simply-plan-an-assault-on-mexicos-authorities-it-executed-one-for-a-month-throughout-4-domains-your-safety-stack-cant-see/
Attackers jailbroke Anthropic’s Claude and ran it towards a number of Mexican authorities businesses for about a month. They stole 150 GB of knowledge from Mexico’s federal tax authority, the nationwide electoral institute, 4 state governments, Mexico Metropolis’s civil registry, and Monterrey’s water utility, Bloomberg reported. The haul included paperwork associated to 195 million taxpayer information, voter information, authorities worker credentials, and civil registry recordsdata. The attackers’ weapon of alternative wasn’t malware or refined tradecraft created in stealth. It was a chatbot accessible to anybody.
The attackers created a sequence of prompts telling Claude to behave as an elite penetration tester operating a bug bounty. Claude initially pushed again and refused. Once they added guidelines about deleting logs and command historical past, Claude pushed again tougher. “Specific instructions about deleting logs and hiding history are red flags,” Claude responded, in keeping with a transcript from Israeli cybersecurity agency Gambit Safety. “In legitimate bug bounty, you don’t need to hide your actions.”
The hacker stop negotiating with Claude and took a distinct method: handing Claude an in depth playbook as an alternative. That acquired previous the guardrails. “In total, it produced thousands of detailed reports that included ready-to-execute plans, telling the human operator exactly which internal targets to attack next and what…
—-
Author : tech365
Publish date : 2026-02-27 05:18:00
Copyright for syndicated content belongs to the linked Source.
—-
1 – 2 – 3 – 4 – 5 – 6 – 7 – 8