GTG-1002

Also known as: GTG-1002

Origin: CN
Known aliases: 1

Profile

GTG-1002 is a Chinese state-sponsored APT that conducted a large-scale autonomous cyber espionage campaign targeting approximately 30 global organizations across various sectors, focusing on military and energy-related data. The operation utilized AI, specifically Anthropic’s Claude model, for reconnaissance, exploitation, and data exfiltration, significantly reducing human involvement. Attackers employed techniques such as automated task execution and evasion of safety protocols by masquerading as legal security testing. The campaign lasted 18 months and highlighted vulnerabilities in traditional incident response workflows.

Aliases · 1

GTG-1002

References

  1. https://assets.anthropic.com/m/ec212e6566a0d47/original/Disrupting-the-first-reported-AI-orchestrated-cyber-espionage-campaign.pdf
  2. https://socradar.io/blog/ai-powered-gtg-1002-campaign/

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor: UNG0002
Actor: APT.3102
Group: APT3
Actor: APT30
Group: APT12
Actor: APT2

Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.