{"id":14313,"date":"2026-07-15T10:03:40","date_gmt":"2026-07-15T10:03:40","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/07\/15\/chinese-hackers-embed-claude-code-and-deepseek-in-ai-powered-government-cyberattacks\/"},"modified":"2026-07-15T10:03:40","modified_gmt":"2026-07-15T10:03:40","slug":"chinese-hackers-embed-claude-code-and-deepseek-in-ai-powered-government-cyberattacks","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/07\/15\/chinese-hackers-embed-claude-code-and-deepseek-in-ai-powered-government-cyberattacks\/","title":{"rendered":"Chinese Hackers Embed Claude Code and DeepSeek in AI-Powered Government Cyberattacks"},"content":{"rendered":"<p>    Chinese Hackers Embed Claude Code and DeepSeek in AI-Powered Government Cyberattacks<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p class=\"wp-block-paragraph\">An active, highly structured intrusion campaign co-opting commercial artificial intelligence platforms as operational engines for state-sponsored operations.<\/p>\n<p class=\"wp-block-paragraph\">Rather than acting as peripheral research tools, Claude Code and DeepSeek-v4-pro were embedded directly into the core execution flows of a China-linked cyber espionage campaign. <\/p>\n<p class=\"wp-block-paragraph\">The operation uncovered by Hunt researchers pivoted off known TencShell <a href=\"https:\/\/cybersecuritynews.com\/command-and-controlc2-server\/\" target=\"_blank\" rel=\"noreferrer noopener\">command-and-control (C2)<\/a> infrastructure originally documented by Cato CTRL in May 2026, which exposed an open directory containing victim source code, custom exploit scripts, operator logs, and cloned login pages, accompanied by simplified Chinese documentation.<\/p>\n<h2 id=\"h-chinese-hackers-embed-claude-code-and-deepseek\" class=\"wp-block-heading\"><strong>Chinese Hackers Embed Claude Code and DeepSeek<\/strong><\/h2>\n<p class=\"wp-block-paragraph\">Researchers analyzed the recovered operator logs, which revealed a definitive, programmatic division of labor between two distinct large language models:<\/p>\n<ul class=\"wp-block-list\">\n<li>\n<strong>Claude Code (Execution &amp; Automation):<\/strong> Tasked with agentic tool interaction, processing interactive bash environments, running terminal commands, and maintaining operational session persistence.<\/li>\n<li>\n<strong>DeepSeek-v4-pro (Reasoning &amp; Attack Logic):<\/strong> Leveraged exclusively for high-level attack reasoning, script generation, security evasion logic, and exploit adaptation.<\/li>\n<\/ul>\n<p class=\"wp-block-paragraph\">Detailed instructions discovered inside a central <code>CLAUDE.md<\/code> workspace file directed the automated agent to construct, test, and dynamically optimize targeted phishing infrastructure. <\/p>\n<p class=\"wp-block-paragraph\">Operational timelines dated between June 8 and June 12, 2026, exposed dedicated active working environments tailored specifically for Taiwan-based intelligence requirements. <\/p>\n<p class=\"wp-block-paragraph\">This systematic operational flow mirrors Anthropic\u2019s November 2025 security advisory concerning a China-linked threat actor using <a href=\"https:\/\/cybersecuritynews.com\/hackers-compromised-jscrambler\/\" target=\"_blank\" rel=\"noreferrer noopener\">malicious developer tools<\/a> to orchestrate mass automated infrastructure intrusions.<\/p>\n<figure class=\"wp-block-image size-large\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEirhg-DEf6UNvuYprGIW-WvfaL-4Tuw2GFBXj2Nstv-Fani6LGK79aPNQ1ErPmFh8pOXlMat8C7jnzQduPjXmapYSPRNbnn0tccOBwuWk-xHmzLO4VnH628bSIanHiOR35lIt7Y1ayk_fI5Apq98Vpt4FkHihKmS53jfQrLJiRApcp3zchtqh0Yqx6oovg\/s1600\/Suspected%2BChinese%2BOperators%2BUse%2BClaude%2BCode%2Band%2BDeepSeek%2Bto%2BTarget%2BGovernment%2Band%2BFinancial%2BSystems%2BAcross%2BFour%2BCountries%2B-%2Bfigure%2B1%2520%281%29.webp?ssl=1\" alt=\"TencShell malware port 1111 HTTP header, showing 13 unique IP's\"><figcaption class=\"wp-element-caption\">TencShell malware port 1111 HTTP header, showing 13 unique IPs (Image Source: HUNT.io)<\/figcaption><\/figure>\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/hunt.io\/blog\/chinese-operators-claude-deepseek-government-intrusion\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Hunt researchers pivoted on a shared<\/a>, unique HTTP header fingerprint; investigators exposed a broader infrastructure network spanning 13 primary servers across four separate Hong Kong-based Autonomous System Numbers (ASNs).<\/p>\n<p class=\"wp-block-paragraph\">Three of these primary collection nodes utilized overlapping SSH keys and TLS certificates to establish built-in redundancy layers.<\/p>\n<p class=\"wp-block-paragraph\">The primary collection node <code>112.213.124[.]132<\/code>hosted a multi-tiered offensive toolkit featuring the ARL (Attack Reconnaissance Lighthouse) framework for network mapping, DeepAudit for vulnerability identification, and Vshell for remote system administration.<\/p>\n<p class=\"wp-block-paragraph\">These tools sat directly alongside an open repository staging 2,431 stolen or operational files. The analysis also brought to light an entirely undocumented secondary framework, dubbed \u201cGshell,\u201d that executed in lockstep across identical infrastructure, demonstrating that the threat group maintained parallel C2 frameworks to maximize operational uptime.<\/p>\n<figure class=\"wp-block-image size-large\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjEyJADqZxj7gxRhVrg_KOpdCgYwjNR08k0b5FBGIWEF52d2hY2G25wBYFwHZqokgTyjoBG_F_Dm7DqDYUrpQsvQMZZKh0d1nKEovKJW2V57HnHzHfeSwoMvRkXameKZcN5UbzPD-u5ALc9UfW0bBGGNs3dI5zIL8QQ29xXpYOcQWK_USgMhg4YXODw88g\/s1600\/Suspected%2BChinese%2BOperators%2BUse%2BClaude%2BCode%2Band%2BDeepSeek%2Bto%2BTarget%2BGovernment%2Band%2BFinancial%2BSystems%2BAcross%2BFour%2BCountries%2B-%2Bfigure%2B2%2520%281%29.webp?ssl=1\" alt=\"IP profile for 112.213.124[.]132 showing open ports 1111, 3000 (DeepAudit), 5003 (ARL), 8084 (Vshell), and 8888 (open directory)\"><figcaption class=\"wp-element-caption\">IP profile for 112.213.124[.]132 showing open ports 1111, 3000 (DeepAudit), 5003 (ARL), 8084 (Vshell), and 8888 (open directory) (Image Source: HUNT.io)<\/figcaption><\/figure>\n<figure class=\"wp-block-table is-style-stripes\">\n<table class=\"has-fixed-layout\">\n<thead>\n<tr>\n<td><strong>Target Country \/ Sector<\/strong><\/td>\n<td><strong>Compromised System Vector<\/strong><\/td>\n<td><strong>Core Exploitation Payload \/ Objective<\/strong><\/td>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><strong>Taiwan<\/strong><\/td>\n<td>Supply chain networks &amp; manufacturing entities (8 firms)<\/td>\n<td>SQL injection (SQLi) of chemical firms; exfiltration of cloud tokens (Supabase\/Azure SAS keys).<\/td>\n<\/tr>\n<tr>\n<td><strong>Thailand<\/strong><\/td>\n<td>Government administrative application nodes<\/td>\n<td>SQLMap-driven data dump of employee national ID records; GIF-polyglot webshell deployment for persistence.<\/td>\n<\/tr>\n<tr>\n<td><strong>Afghanistan<\/strong><\/td>\n<td>Laravel-based public application architecture<\/td>\n<td>Ingestion of citizen complaint databases and encryption keys via custom deserialization Remote Code Execution (RCE).<\/td>\n<\/tr>\n<tr>\n<td><strong>United States<\/strong><\/td>\n<td>Public sector subdomains and civic databases<\/td>\n<td>Footprinting of NASA subdomains; staging of unfinished phishing clones targeting the D.C. Council and Delaware County, Pennsylvania.<\/td>\n<\/tr>\n<tr>\n<td><strong>Financial Services<\/strong><\/td>\n<td>Enterprise payment processing platforms<\/td>\n<td>Cross-Origin Resource Sharing (CORS) exploitation targeting administrative WordPress web credentials across Europe, Australia, and Asia.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n<p class=\"wp-block-paragraph\">The campaign documents an intermediate-to-advanced threat landscape characterized by custom exploit payloads tuned to narrow framework version signatures, cross-platform malware orchestration, and real-time LLM-driven evasion cycles. <\/p>\n<p class=\"wp-block-paragraph\">Operators successfully used these setups for <a href=\"https:\/\/cybersecuritynews.com\/qilin-ransomware-dcsync-active-directory\/\" target=\"_blank\" rel=\"noreferrer noopener\">active credential harvesting<\/a> across widespread multi-tenant corporate applications.<\/p>\n<figure class=\"wp-block-image size-large\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiig1jDeo2JS-jiIGtIhFPcwR36mEEg9yK4D9LBVrKTzLKUXwdZWUFeiIy3l1looqEg3gjyHua8Po6XLM_mnyNZfgbw18sDQCS1Q_zg6AweeR7LDRhlAdpISVqCzgehS9toZaRDp28ATV353eOxIczVyH25UDYHDEQJk8IWbR0X5ChgH40Cb8mPEypaobQ\/s1600\/Suspected%2BChinese%2BOperators%2BUse%2BClaude%2BCode%2Band%2BDeepSeek%2Bto%2BTarget%2BGovernment%2Band%2BFinancial%2BSystems%2BAcross%2BFour%2BCountries%2B-%2Bfigure%2B7%2520%281%29.webp?ssl=1\" alt=\"Redacted compromised database table of a Thai government admin panel\"><figcaption class=\"wp-element-caption\">Redacted compromised database table of a Thai government admin panel (Image Source: HUNT.io)<\/figcaption><\/figure>\n<p class=\"wp-block-paragraph\">The combination of simplified Chinese developer logs, geographic localization across Hong Kong internet infrastructure, and targets explicitly mirroring state intelligence mandates strongly supports a China-based threat grouping. <\/p>\n<p class=\"wp-block-paragraph\">Ultimately, this activity signals a critical paradigm shift: commercial AI systems have evolved from passive, offline research helpers into live, force-multiplying components of interactive cyber attacks, raising fresh questions about dual-use risks in agentic environments.<\/p>\n<p class=\"has-text-align-center has-background wp-block-paragraph\" style=\"background:linear-gradient(180deg,rgb(238,238,238) 87%,rgb(169,184,195) 100%)\"><strong>Attackers Move in Seconds. Defenses Take Hours! Blackpoint Built the Answer \u2013 <\/strong><a href=\"https:\/\/blackpointcyber.com\/webinar\/webinar-blackpoint-ai-a-decade-in-the-making\/?utm_source=3s_cybersecuritynews&amp;utm_medium=&amp;utm_campaign=26q3_webinar_blackpoint-ai-a-decade-in-the-making&amp;utm_content=&amp;utm_term=\"><strong>Attend a Free Webinar<\/strong><\/a><strong> on AI SOC Agent to contain a live attack.<\/strong><\/p>\n<p>The post <a href=\"https:\/\/cybersecuritynews.com\/chinese-hackers-ai-attacks\/\">Chinese Hackers Embed Claude Code and DeepSeek in AI-Powered Government Cyberattacks<\/a> appeared first on <a href=\"https:\/\/cybersecuritynews.com\/\">Cyber Security News<\/a>.<\/p>\n<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Kavichselvan<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/cybersecuritynews.com\/chinese-hackers-ai-attacks\/\">Go to cyber-security-news<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Chinese Hackers Embed Claude Code and DeepSeek in AI-Powered Government Cyberattacks An active, highly structured intrusion campaign co-opting commercial artificial intelligence platforms as operational engines for state-sponsored operations. Rather than acting as peripheral research tools, Claude Code and DeepSeek-v4-pro were embedded directly into the core execution flows of a China-linked cyber espionage campaign. The operation [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[701,1636,2591,63],"tags":[130],"class_list":["post-14313","post","type-post","status-publish","format-standard","hentry","category-cyber-attack","category-cyber-attack-news","category-cyber-hacking-news","category-cyber-security-news","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/14313"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=14313"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/14313\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=14313"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=14313"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=14313"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}