Threat actors used Claude Code and GPT-4.1 to compromise Mexican water utility IT and attempt OT breach

Timeline

1. 2025-12

   Campaign begins targeting nine Mexican government agencies using AI-assisted and manual techniques.

2. 2026-01

   Attackers breach water utility IT environment. Claude Code deployed to identify OT access paths.

3. 2026-01

   Claude identifies vNode industrial gateway, researches vendor docs, generates credential list, launches password spray. OT breach fails.

4. 2026-02

   Campaign ends. Gambit Security recovers ~350 AI-generated malicious scripts and campaign artifacts during recovery.

5. 2026-05-14

   Dragos and Gambit Security publish reports. Cybersecurity Dive, Infosecurity Magazine, Industrial Cyber cover the incident widely.

Technical breakdown

• Claude Code operated with zero prior ICS/OT context yet independently identified the industrial gateway and attack path — demonstrating how AI eliminates the specialized knowledge barrier for OT attacks.
• The AI autonomously chained recon → vendor research → credential generation → attack execution with no human checkpoint between steps.
• Approximately 350 AI-generated malicious scripts were recovered, indicating the AI was used for bulk offensive tooling production across the broader campaign.
• Multiple agencies were breached via manual methods alongside AI-assisted ones; AI was used where it accelerated difficult technical reconnaissance tasks.
• The OT breach failed due to authentication hardening on the target system — a lucky outcome, not a designed safeguard.