The $0 Transaction That Signaled a Nation-State Cyberattack

Recorded Future observed payment-card testing activity and a failed ~$200 fraudulent charge tied temporally and infrastructurally to a November 2025 Anthropic cyber-espionage campaign attributed to a Chinese state-sponsored actor; analysts describe a kill chain of card validation, aging, resale, and attempted use to access AI services, and recommend mitigation steps for banks and merchants (re-issue compromised cards, raise fraud risk scores, deploy 3D Secure and correlate payment vs. registration data).