Anthropic’s AI Model Compromised, Poses Major Security Threat
Anthropic’s Mythos AI model has been compromised, raising substantial security concerns. Reports indicate that a small group of unauthorized users accessed this advanced cybersecurity tool. This incident was first reported by Bloomberg, which specified that a third-party contractor was involved in the breach.
Details of the Breach
The breach occurred on April 7, coinciding with Anthropic’s announcement for limited testing of Mythos. An anonymous member of the unauthorized group revealed to Bloomberg that they utilized common internet sleuthing tools, combined with the contractor’s access credentials, to infiltrate the model.
Mythos AI Capabilities
Mythos is designed as a general-purpose AI model capable of identifying and exploiting vulnerabilities across major operating systems and web browsers. Anthropic has limited official access to the model through its Project Glasswing initiative, which includes clients like Google, Amazon Web Services, Nvidia, Apple, and Microsoft.
- Mythos can identify vulnerabilities in multiple systems.
- Access is restricted to select companies and government agencies.
- Anthropic fears the model could be weaponized if released publicly.
Response from Anthropic
Anthropic’s spokesperson confirmed the investigation into the unauthorized access. They stated there is currently no evidence that the breach has affected the company’s internal systems or extended beyond the third-party vendor’s environment. The spokesperson emphasized that the investigation is ongoing.
Unauthorized Use and Further Access
Members of the group have reportedly been using Mythos frequently since the breach. They provided evidence, including screenshots and live demonstrations of the model, although they have avoided using it for cybersecurity-related purposes to prevent detection.
Additionally, Bloomberg’s report suggests that the group has also accessed other unreleased AI models from Anthropic. This raises further alarm about the effects of the breach on cybersecurity and the ethics surrounding AI model accessibility.
