“Oh, a Non-Expert”—Hackers Feast on Easy Targets… Hacking Is a Breeze with a Single Command to “Find the Weakness and Infiltrate” [The Fallen Coding Barrier]④ | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Editor’s NoteWe are now in the era of ‘Vibe Coding,’ where artificial intelligence (AI) writes code simply from verbal instructions. Compared to the past decade, when coding was all the rage and the developer profession was highly coveted, the landscape has changed dramatically. While anyone can now code, securing a job in the sector has become even more challenging, and security issues have become more severe. This rapid shift in the development paradigm is already transforming our daily lives. The Asia Business Daily takes a closer look at the industrial transformation driven by Vibe Coding.

In August of last year, a report released by Anthropic sent security authorities worldwide into a frenzy. According to the report, hackers exploited Anthropic’s artificial intelligence (AI) development tool, ‘Claude Code,’ to attack government agencies, healthcare services, emergency response organizations, and religious groups over the span of a month. The hacker group ‘GTG-1002,’ believed to be backed by China, also used Claude to create AI-automated programs for attacks. Anthropic referred to these cybercrimes as ‘Vibe Hacking,’ emphasizing that “developing AI-based automated defense systems to counter such attacks is urgently needed.”

While Vibe Coding is boosting work productivity, it is also causing side effects that undermine security systems. There are concerns that programs created by non-experts may have security vulnerabilities that become easy targets for hackers, potentially leading to broader societal issues.

On April 14 (local time), the UK’s AI Safety Institute (AISI) released its evaluation of the cybersecurity capabilities of Anthropic’s new AI model, ‘Mythos,’ in its preview version. Mythos Preview delivered the best results in ‘The Last Ones,’ a 32-stage corporate network attack simulation. It succeeded in three out of ten hacking attempts and was the first case to complete the simulation from start to finish. OpenAI’s generative AI model ‘ChatGPT 5.4’ only averaged 14 stages. AISI stated, “An environment now exists in which attackers can grant network access rights to AI models and automatically attack systems with weak security.”

Vibe Coding Enables Effortless Hacking… Even the Speed of Attacks Improves

The most notable feature of Anthropic Mythos is its ‘autonomy.’ With a single command such as “Find the weakness and infiltrate,” it can identify security vulnerabilities and even write hacking code. Leaked Anthropic documents contain internal assessments warning that Mythos’s outstanding performance could pose “unprecedented cybersecurity risks.” Bloomberg reported that U.S. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell urgently summoned CEOs of major financial institutions to the Treasury headquarters in Washington out of concern for the potential impact of Mythos on financial markets.

Experts predict that hacking attacks leveraging AI will become more frequent in the future. According to the ‘2026 Global Threat Report’ released by global cybersecurity firm CrowdStrike, cyberattacks utilizing AI technology increased by 89% last year compared to the previous year. CrowdStrike pointed out that hackers have accelerated the development of malicious code through AI. Advances in AI have not only improved the development of hacking programs but also the speed of attacks. The average speed of cybercrime was recorded at 29 minutes last year, which is 65% faster than the year before.

‘Citizen Developers’ Become Attack Targets… “Corporate Security Will Be Threatened”

The bigger concern is that Vibe Coding could actually worsen security issues. As non-developers lacking programming expertise use Vibe Coding to create numerous programs, the number of easy targets for hackers increases. Nadir Israel of cybersecurity startup Armis pointed this out at the RSA Conference 2026, the world’s largest cybersecurity exhibition held in San Francisco on March 25. He said, “Code from citizen developers who have not undergone security validation is increasingly penetrating deep into corporate systems,” warning that “this will become a serious threat to corporate security.”

In Korea, hacking incidents are also increasing every year. According to the Korea Internet & Security Agency, there were 2,383 reports of hacking incidents in the private sector last year. The number of reported hacking incidents climbed from 640 in 2021 to 1,142 in 2022, 1,277 in 2023, and 1,887 in 2024, showing a steady upward trend each year. In January and February of this year alone, 415 hacking incidents were already reported.

Related articles: “Can you get some work done while I’m out for lunch?”—How Vibe Coding Changed Work Methods [The Fallen Coding Barrier]①

Two Hours of Vibe Coding: Even a Reporter Can Create an Investment Profile Analysis Site [The Fallen Coding Barrier]②

“Job Seekers Out, Office Workers In”—How Vibe Coding Changed the Education Scene [The Fallen Coding Barrier]③

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.