# Claude Mythos: First AI Model Completes 32-Step Cyberattack on Corporate Network
Claude Mythos Preview autonomously executed a 32-step simulation of a corporate cyberattack, from reconnaissance to full network takeover. According to the AI Security Institute (AISI), the model completed the scenario fully in 3 out of 10 runs, averaging up to the 22nd step. A human expert requires about 20 hours for a similar task.
The Last Ones Simulation: Structure and Results
The Last Ones (TLO) scenario models a full attack on a corporate network:
- Initial reconnaissance.
- Gaining initial access.
- Stealing credentials from browsers.
- Lateral movement between hosts.
- Exploiting web applications.
- Privilege escalation.
- Reverse-engineering C2 traffic.
- Final network takeover.
Mythos outperformed competitors: Claude Opus 4.6 averaged stopping at the 16th step, Claude Sonnet 3.7 didn't even complete reconnaissance. Mythos achieved 30% full completions, indicating a breakthrough in autonomous AI cyber operations.
AISI noted that performance is limited by inference budget. Increasing the limit to 100M tokens per attempt improved results, with no signs of the model's capability ceiling.
Results in Capture-the-Flag Tasks
On AISI's CTF ranges, Mythos showed:
- 73% success on expert-level (unsolved by models before April 2025).
- 87% on apprentice level.
- 97% on tasks for non-specialists.
This demonstrates scalability: the model is effective from simple to complex scenarios. However, on the Cooling Tower range, simulating OT systems, Mythos failed on standard IT stages before OT sections.
Limitations of Test Stands
AISI's ranges are simplified: no active defenders, detectors, or penalties for alerts. Mythos was not tested in real protected infrastructure conditions. AISI emphasizes that results do not extrapolate directly to production environments.
The institute plans to evolve the methodology:
- Adding active monitoring.
- Detection systems on endpoints.
- SOC response simulation.
- Testing AI-assisted vulnerability scanning on real systems.
Current ranges no longer distinguish top models: Mythos, Opus 4.6, and GPT-5.4 reach the limit on unprotected stands.
Key Takeaways
- Mythos is the first model with 30% success in the full 32-step TLO simulation, ahead of Opus 4.6 (16 steps average).
- 73% on expert CTF; performance growth with tokens up to 100M.
- Failure on OT due to IT stages; ranges simplified, no real defenses.
- AISI changing methodology: will add monitoring, EDR, and real scans.
These benchmarks signal the maturity of AI in red teaming. Developers should consider risks of autonomous agents in security contexts, focusing on strengthening defenses against such threats.
— Editorial Team
No comments yet.