Back to Home

Claude Mythos passed 32-step cyberattack TLO

Claude Mythos Preview became the first AI model to pass the 32-step TLO cyberattack simulation from AISI. Achieved 73% on expert CTF, but failed on OT. The institute will update tests with real protections.

Mythos hacked the network: 73% on expert CTF from AISI
Advertisement 728x90

# Claude Mythos: First AI Model Completes 32-Step Cyberattack on Corporate Network

Claude Mythos Preview autonomously executed a 32-step simulation of a corporate cyberattack, from reconnaissance to full network takeover. According to the AI Security Institute (AISI), the model completed the scenario fully in 3 out of 10 runs, averaging up to the 22nd step. A human expert requires about 20 hours for a similar task.

The Last Ones Simulation: Structure and Results

The Last Ones (TLO) scenario models a full attack on a corporate network:

  • Initial reconnaissance.
  • Gaining initial access.
  • Stealing credentials from browsers.
  • Lateral movement between hosts.
  • Exploiting web applications.
  • Privilege escalation.
  • Reverse-engineering C2 traffic.
  • Final network takeover.

Mythos outperformed competitors: Claude Opus 4.6 averaged stopping at the 16th step, Claude Sonnet 3.7 didn't even complete reconnaissance. Mythos achieved 30% full completions, indicating a breakthrough in autonomous AI cyber operations.

Google AdInline article slot

AISI noted that performance is limited by inference budget. Increasing the limit to 100M tokens per attempt improved results, with no signs of the model's capability ceiling.

Results in Capture-the-Flag Tasks

On AISI's CTF ranges, Mythos showed:

  • 73% success on expert-level (unsolved by models before April 2025).
  • 87% on apprentice level.
  • 97% on tasks for non-specialists.

This demonstrates scalability: the model is effective from simple to complex scenarios. However, on the Cooling Tower range, simulating OT systems, Mythos failed on standard IT stages before OT sections.

Google AdInline article slot

Limitations of Test Stands

AISI's ranges are simplified: no active defenders, detectors, or penalties for alerts. Mythos was not tested in real protected infrastructure conditions. AISI emphasizes that results do not extrapolate directly to production environments.

The institute plans to evolve the methodology:

  • Adding active monitoring.
  • Detection systems on endpoints.
  • SOC response simulation.
  • Testing AI-assisted vulnerability scanning on real systems.

Current ranges no longer distinguish top models: Mythos, Opus 4.6, and GPT-5.4 reach the limit on unprotected stands.

Google AdInline article slot

Key Takeaways

  • Mythos is the first model with 30% success in the full 32-step TLO simulation, ahead of Opus 4.6 (16 steps average).
  • 73% on expert CTF; performance growth with tokens up to 100M.
  • Failure on OT due to IT stages; ranges simplified, no real defenses.
  • AISI changing methodology: will add monitoring, EDR, and real scans.

These benchmarks signal the maturity of AI in red teaming. Developers should consider risks of autonomous agents in security contexts, focusing on strengthening defenses against such threats.

— Editorial Team

Advertisement 728x90

Read Next