AI Is Handing Hackers Tools That Once Belonged to Elite Attackers

Anthropic found that artificial intelligence (AI) now performs advanced attack tasks on behalf of unsophisticated hackers, work that once required great technical skill, weakening the long-standing link between an attacker’s expertise and the danger they pose.

The conclusion is based on a year-long study of 832 banned accounts. It signals a lower barrier for attacks on crypto infrastructure as basic actors gain elite capabilities.

AI Pushes More Hackers Up On The Risk Tier, Anthropic Finds

Anthropic published the findings in a report. The data covers accounts banned between March 2025 and March 2026. 

The report noted that security teams long judged threat levels by how many techniques or what tools an attacker used. Anthropic says that the signal no longer holds.

“Now that AI can perform highly technical tasks on an actor’s behalf, there’s little correlation between the skill of a threat actor and how many techniques they use,” the Frontier Red team said.

The least-skilled actors averaged about 16 techniques. The most skilled averaged about 20. The platform used, whether Claude Code, an API, or a chat tool, also showed no link to risk.

“What often helps distinguish higher-risk actors is where in the attack life cycle they apply AI…But even that signal is already eroding,” the team added.

Follow us on X to get the latest news as it happens

new anthropic AI cyberattack report confirms the skill-gap needed to execute a major exploit has basically been reduced to zerothe share of medium-high risk attackers has grown from 33-56% in < 12 months– anthropic studied 832 banned accounts that executed cyberattacks using… https://t.co/GPiS7hhavs pic.twitter.com/yUdt0lPA8T

— Ejaaz (@cryptopunk7213) June 3, 2026

The report also found that attackers are increasingly deploying AI deeper into the attack chain. While AI-assisted phishing activity declined by 8.6%, AI-assisted account discovery within compromised networks increased by 8.9%. 

Anthropic said AI is now being used to support “operationally demanding techniques” such as privilege escalation, lateral movement, and account discovery, tasks that were previously limited to more technically capable attackers.

As a result, the share of actors classified as medium risk or higher rose from 33% in the first half of the study period to 56% in the second half, marking a 1.7-fold increase.

Among the 832 banned accounts analyzed, 67.3% used AI to assist in malware development, while 6.5% used it for lateral movement within compromised systems. 

The findings are particularly relevant for the crypto industry, where cyberattacks continue to escalate. By reducing the expertise needed to carry out complex operations, AI is enabling a wider range of threat actors to target exchanges, protocols, and digital wallets.

The crypto sector has already seen a rise in security incidents. In May 2026 alone, the industry recorded 40 major hacks, resulting in substantial losses.

Subscribe to our YouTube channel to watch leaders and journalists provide expert insights