Anthropic’s newly developed AI model, flagged for its potential cyber risks, has been accessed by unauthorized entities even before its official rollout.
A small group of unauthorized users gained access to Anthropic’s Mythos model on the same day the company announced plans to release it to select partners for testing, Bloomberg reports, citing a person close to the matter.
According to the person, the group has been regularly using Mythos since then, corroborating the account with screenshots and a live demonstration of the model.
Anthropic has called Mythos its “most powerful” AI model and has given the biggest firms in the world access to an unreleased frontier model in an effort to secure critical software infrastructure. Last week, the UK’s AI Security Institute warned that Claude Mythos Preview became the first model to complete a 32-step corporate network attack, from initial reconnaissance to full network takeover.
The group relied on a combination of tactics to gain entry, with one member having access through a role at a third-party contractor for Anthropic. The group also relied on commonly used internet sleuthing tools employed by cybersecurity researchers and made an educated guess about the model’s online location based on knowledge of the format Anthropic has used for other models.
The users are part of a private Discord channel focused on hunting for information about unreleased AI models, including by using bots to scour for details posted on unsecured websites such as GitHub. The person says the group also has access to a range of other unreleased Anthropic models.
Despite the alarming nature of the access, the person says the group’s intentions are exploratory rather than malicious, preferring tasks like building simple websites in an attempt to avoid detection, and steering clear of cybersecurity-related prompts specifically to stay under the radar.
Anthropic says it is investigating the incident.
“We’re investigating a report claiming unauthorized access to Claude Mythos Preview through one of our third-party vendor environments.”
Photo by Jefferson Santos on Unsplash
Disclaimer: Opinions expressed at CapitalAI Daily are not investment advice. Investors should do their own due diligence before making any decisions involving securities, cryptocurrencies, or digital assets. Your transfers and trades are at your own risk, and any losses you may incur are your responsibility. CapitalAI Daily does not recommend the buying or selling of any assets, nor is CapitalAI Daily an investment advisor. See our Editorial Standards and Terms of Use.