Security researchers at Hunt.io discovered a cyberespionage campaign in June 2026 that used the AI tools Claude Code and DeepSeek to automate attacks on government systems and financial institutions. The operation targeted agencies in Thailand, Afghanistan, and Taiwan, along with financial services firms across Europe, Australia, and Asia - signaling that state-backed actors are now integrating large language models directly into intrusion workflows to accelerate data theft.
The investigation identified 13 Hong Kong-based servers containing victim source code, custom exploit scripts, and operator logs. The attackers relied on Claude Code and DeepSeek-v4-pro to reason about bypass techniques, rework exploits, and generate phishing pages, reducing the manual effort required for each stage of the attack.
AI tools automate attack workflows
The campaign marks a shift in how threat actors use AI. Rather than simply generating text for social engineering, the operators employed the models as reasoning engines. They fed the tools snippets of code and server responses, then used the output to refine SQL injection payloads, craft credential-harvesting pages, and adapt exploits to different targets. This approach let a small team scale its operations across multiple countries and sectors.
Government systems breached
In Thailand, the attackers compromised a government administrative system through SQL injection and exfiltrated employee data. Afghanistan's citizen complaint system was also breached, exposing sensitive credentials and source code. Taiwan saw intrusions at a chemical manufacturer and a telecom firm, both adjacent to defense supply chains. U.S. entities were observed in earlier reconnaissance stages, though no successful breach was confirmed.
The financial sector attacks focused on a payment processing platform, where the group stole WordPress administrator credentials - likely to pivot deeper into corporate networks. The mix of government and finance targets points to a dual interest in intelligence gathering and financial gain.
Infrastructure and malware
The operation's infrastructure ran on servers hosted by four Hong Kong providers and used a previously undocumented command-and-control framework called Gshell. The malware, a Linux binary, extracts credentials and tokens from messaging and cloud services, giving operators persistent access to sensitive communications. Custom exploit development and multi-platform malware are consistent with intermediate-to-advanced capabilities seen in China-based threat actor activity.
Why this matters for government
Public sector entities are prime targets for AI-enhanced espionage, and this campaign shows that adversaries are already using off-the-shelf AI tools to speed up attacks. Government security teams need to understand how these models can be weaponized - from generating convincing phishing pages to automating vulnerability discovery. For agencies building internal expertise, AI for Government training addresses this gap, while AI Learning Path for Cybersecurity Analysts offers guidance on integrating AI into threat detection and response workflows. Without adapting defenses to this new reality, agencies risk falling behind attackers who are already moving faster.
Your membership also unlocks: