‘Vibe hacking’ raises alarm as AI chatbots come under scrutiny for cybercrime exploitation
2025-09-03
Anthropic’s findings highlight fears that generative AI lowers cybercrime barriers, as incidents involving ChatGPT, Microsoft’s Copilot, and China’s DeepSeek show attackers bypassing safeguards by manipulating chatbots into role-playing or fictional scenarios to produce restricted code.
Concerns are mounting in the cybersecurity community over the misuse of consumer artificial intelligence (AI) tools, with evidence showing that coding chatbots can be manipulated to aid cybercriminals in creating malicious software. The phenomenon, dubbed “vibe hacking,” represents a troubling shift in how generative AI is being exploited, according to a new report by U.S.-based AI firm Anthropic.
The company, which develops the Claude chatbot, revealed that its Claude Code system was abused in a data extortion campaign spanning multiple countries. The attacker allegedly used the tool to collect sensitive information, including personal data, medical records, and login credentials, before issuing ransom demands as high as $500,000. Anthropic acknowledged that despite its advanced security controls, safeguards failed to prevent this misuse. The perpetrator has since been banned from accessing its services.
Cybersecurity experts warn of growing threats
Anthropic’s findings reinforce long-standing fears among security professionals that generative AI could lower the barrier to entry for cybercrime. Rodrigue Le Bayon, who leads Orange Cyberdefense’s Computer Emergency Response Team, noted that criminals are integrating AI into their operations just as rapidly as legitimate users. “We’re unlikely to see highly advanced malware created by chatbots alone, but these tools can significantly increase the scale and speed of attacks,” he warned.
OpenAI has also reported instances of ChatGPT being misused to create harmful code, while other platforms, including Microsoft’s Copilot and Chinese chatbot DeepSeek, have faced similar challenges. Researchers point out that attackers often bypass safeguards by manipulating the chatbot into role-playing scenarios or fictional contexts that justify producing otherwise restricted content.
Workarounds expose industry gaps
Security researcher Vitaly Simonovich of Cato Networks demonstrated earlier this year that such “prompt engineering” tactics can trick AI into generating password-stealing tools. While his attempts were blocked by some platforms, he successfully bypassed restrictions on others, underscoring inconsistencies across the industry.
Experts believe these vulnerabilities could expand the reach of cybercrime, enabling individuals with limited technical skills to develop harmful software. Le Bayon suggested that while AI developers are working to strengthen monitoring and detection systems, the misuse of these tools is likely to grow in the short term. “The challenge is not the sophistication of the code itself but the sheer increase in potential victims,” he said.
As AI adoption accelerates, industry leaders stress the need for stronger safeguards and global cooperation to ensure innovation does not come at the expense of security.