SKN | AI-Powered Cyber Threats Surge as Anthropic Finds 67% of Banned Accounts Were Preparing Attacks

Key Points

• Anthropic found that 67% of banned accounts used AI tools to help prepare cyberattacks, including malware development and vulnerability research.
• The company reported growing evidence that AI is being used beyond planning stages and is assisting with active attack operations.
• Rising AI-driven cyber threats are increasing risks for cryptocurrency platforms, financial institutions, and critical digital infrastructure.

Artificial intelligence is rapidly transforming the cybersecurity landscape, and not always in ways that benefit defenders. New data from AI company Anthropic suggests that cybercriminals are increasingly using advanced AI systems to plan, refine, and execute attacks, raising concerns that the technology is lowering the barrier to entry for sophisticated cybercrime. The findings arrive as digital asset platforms, financial institutions, and critical infrastructure operators face a growing wave of increasingly complex cyber threats.

AI Becomes a Preferred Tool for Cybercriminals

Anthropic revealed that 67% of the 832 accounts it banned for policy violations between March 2025 and March 2026 had used its AI models to assist with cyberattack preparation. The company identified 560 accounts that leveraged artificial intelligence to perform activities ranging from malware development to vulnerability research and attack planning.

The figures highlight how AI is evolving from a productivity tool into a force multiplier for malicious actors. While cyberattacks traditionally required significant technical expertise, advanced language models are increasingly helping users automate complex tasks that previously demanded specialized skills.

For cybersecurity professionals, the trend represents a significant shift. Rather than replacing attackers, AI is amplifying their capabilities, allowing smaller groups and less sophisticated operators to perform actions once reserved for experienced hacking teams.

Cyber Threats Move Beyond the Planning Stage

Although most AI-assisted activity remains focused on the preparation phase of attacks, Anthropic found evidence that artificial intelligence is moving deeper into operational cyber workflows. Approximately 6.5% of banned accounts used AI to support “lateral movement,” a critical stage that occurs after initial network access has been obtained.

Lateral movement enables attackers to navigate compromised systems, escalate privileges, and access sensitive data. Historically, these techniques required advanced technical knowledge, but AI tools are increasingly capable of guiding users through these processes or performing portions of them autonomously.

The findings suggest that artificial intelligence is beginning to reduce the expertise required to conduct more advanced cyber operations, potentially expanding the pool of capable threat actors worldwide.

Rising Risks for Crypto and Financial Markets

The growing use of AI in cybercrime is particularly relevant for cryptocurrency markets and decentralized finance platforms. In April, crypto-related losses from hacks climbed to nearly $630 million, marking the highest monthly total since February 2025. Industry observers have increasingly linked this trend to the accelerating adoption of AI-assisted attack methods.

Security experts have also warned that AI models can identify vulnerabilities in smart contracts at unprecedented speed. As decentralized finance ecosystems continue to expand, the ability of AI systems to discover exploitable weaknesses could increase risks for protocols managing billions of dollars in digital assets.

The threat extends beyond crypto. Google researchers recently reported what they believe was the first documented case of AI being used to help develop a zero-day exploit capable of bypassing two-factor authentication protections in a widely used software system.

Autonomous AI Agents Raise New Security Questions

Anthropic also disclosed evidence of increasingly autonomous AI-driven attacks. In one incident involving a state-sponsored threat group, an AI system reportedly assisted with exploit execution, credential theft, and operational decision-making while requiring only limited human guidance.

The company noted that the proportion of higher-risk threat actors nearly doubled during its study period, rising from 33% in the first six months to 56% in the second half. This trend indicates that AI capabilities are becoming more accessible and more effective for malicious users.

As AI systems continue to evolve, organizations may need to rethink traditional cybersecurity strategies. The next phase of cyber defense will likely involve combating adversaries that can automate reconnaissance, vulnerability discovery, and attack execution at unprecedented scale. For businesses, financial institutions, and crypto platforms, staying ahead of that curve may become one of the defining security challenges of the coming decade.