An unauthorized group gained access to the terrifyingly capable Claude Mythos model. Anthropic did not release it due to threats of misuse

Artificial intelligence has literally been changing the world in recent years. However, with the development of increasingly capable models, the risk that someone might misuse their capabilities for hacking or weapon development also increases. Precisely for this reason, Anthropic decided not to release its latest model, Claude Mythos, to regular users at all – the creators fear that attackers could exploit it for groundbreaking cyberattacks. Now, however, it turns out that even so, the model ended up in the hands of people who should not have had access to it.

How the Group Gained Access to the Model

The report of unauthorized access to Mythos was brought by Bloomberg, according to which a “handful” of people from a private Discord server focused on finding information about unreleased AI models gained access to the model. The paradox is that the group allegedly did not need any sophisticated attack for the breach – it was reportedly enough to guess where the model was located online.

The group deduced the model’s online location from earlier naming conventions that Anthropic used. These leaked this March during a data breach at AI startup Mercor. Furthermore, one member of the group reportedly had privileged access as an employee of a third party that works as a supplier for Anthropic. Bloomberg describes the subsequent procedure as methods commonly used by security researchers.

Anthropic confirmed that it is investigating the case. “We are investigating a report of alleged unauthorized access to the Claude Mythos Preview model through the environment of one of our external suppliers,” the company stated in an official announcement. Particularly striking is the fact that the breach occurred on the same day that Anthropic officially made the model available to selected partners, such as Apple or Goldman Sachs.

What Claude Mythos Is Capable Of

Claude Mythos is one of the latest additions to the Claude family of models from the American company Anthropic, which competes with other major players such as OpenAI and Google. According to its creators, it is a model with extraordinary capabilities in cybersecurity and hacking, in which it surpasses even experienced human specialists. It was introduced at the beginning of April and immediately became a subject of discussion among regulators, bankers, and lawmakers.

Anthropic claims that Mythos can independently find and exploit zero-day vulnerabilities in all major operating systems and internet browsers. During tests, the model uncovered thousands of serious flaws, with the oldest one hidden in the system for an incredible 27 years without anyone noticing it. Furthermore, the British AI Security Institute (AISI) confirmed that Mythos was the first model to successfully complete a 32-step cyberattack simulation – it managed it in three out of ten attempts.

Why Anthropic Did Not Release the Model

According to Anthropic, the capabilities of Claude Mythos are so dangerous that instead of a public release, the company chose a different path. It launched the Project Glasswing initiative, under which it granted access to the model to only twelve selected technology companies. Partners include big names such as Amazon Web Services, Apple, Microsoft, Google, Nvidia, Broadcom, Cisco, CrowdStrike, and Palo Alto Networks. The Linux Foundation also gained access, and in total, according to Anthropic’s statement, over 40 organizations responsible for critical software infrastructure have access to the model.

According to Anthropic CEO Dario Amodei, the goal is to use the model’s capabilities to strengthen defenses against cyberattacks, not to leave them in the hands of potential attackers.

However, regulators have also expressed concerns about the model. Canadian Finance Minister François-Philippe Champagne called it an “unknown unknown” that deserves the attention of all finance ministers, and Bank of England Governor Andrew Bailey told the BBC that the bank is closely monitoring what impact current AI developments might have on the risk of cybercrime.

Intruders Are Reportedly Just Playing with the Model

Despite being potentially one of the most dangerous AI models today, it appears that those who gained unauthorized access to it do not intend to cause harm. A group member told Bloomberg that they are not using Mythos for any malicious purposes – instead, they are, for example, building simple websites with it. The group even reportedly provided him with a live demonstration and screenshots proving they indeed have access to the model.

However, the group also claims access to other unreleased Anthropic models, which naturally raises questions about how well the company’s internal systems are secured. The situation is particularly paradoxical for a model that Anthropic itself claims has capabilities that can fundamentally reshape cybersecurity as we know it.

Although in this case, the leak fortunately does not seem to have led to misuse, it raises serious doubts. If a group of people from Discord can “just for fun” manage a model that was supposed to be so carefully guarded, it raises the question of what someone with truly malicious intentions could achieve. And this is precisely the scenario that cybersecurity experts have been warning about since Mythos was first introduced.

Should Anthropic reconsider its approach to developing such powerful AI models?

Sources: The Guardian, BBC, Mashable, Bloomberg