Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model

• Anthropic on Monday said it identified “industrial-scale campaigns” mounted by three artificial intelligence (AI) companies, DeepSeek, Moonshot AI, and MiniMax, to illegally extract Claude’s capabilities to improve their own models.
• The distillation attacks generated over 16 million exchanges with its large language model (LLM) through about 24,000 fraudulent accounts in violation of its terms of service and regional access restrictions.
• All three companies are based in China, where the use of its services is prohibited due to “legal, regulatory, and security risks.” Distillation refers to a technique where a less capable model is trained on the outputs generated by a stronger AI system.
• While distillation is a legitimate way for companies to produce smaller, cheaper versions of their own frontier models, it’s illegal for competitors to leverage it to acquire such capabilities from other AI companies at a fraction of the time and cost that it would take them if they were to develop them on their own.
• “Illicitly distilled models lack necessary safeguards, creating significant national security risks,” Anthropic said.
• “Models built through illicit distillation are unlikely to retain those safeguards, meaning that dangerous capabilities can proliferate with many protections stripped out entirely.” Foreign AI companies that distill American models can weaponize these unprotected capabilities to facilitate malicious activities, cyber-related or otherwise, thereby serving as a foundation for military, intelligence, and surveillance systems that authoritarian governments can deploy for offensive cyber operations, disinformation campaigns, and mass surveillance.

Article Summaries:

  • Anthropic announced that it detected “industrial‑scale” distillation campaigns carried out by three Chinese AI firms (DeepSeek, Moonshot AI, and MiniMax) using more than 16 million Claude queries. The companies accessed the model through roughly 24,000 fraudulent accounts and commercial proxy services, violating Anthropic’s terms and regional restrictions. Each lab targeted specific Claude capabilities: DeepSeek focused on reasoning and censorship‑safe responses; Moonshot AI on agentic reasoning, tool use, coding, and vision; MiniMax on agentic coding and tool use. Anthropic traced the attacks via request metadata and IP correlation, warning that illicitly distilled models lack safeguards and pose national‑security risks.
  • Anthropic announced that three Chinese AI firms (DeepSeek, Moonshot AI, and MiniMax) conducted large‑scale distillation attacks on its Claude model, generating more than 16 million queries through roughly 24,000 fraudulent accounts. The companies used commercial proxy services to bypass Anthropic’s terms and regional restrictions, extracting Claude’s reasoning, coding, and tool‑use capabilities. Anthropic said the illicitly distilled models lack built‑in safeguards, posing national‑security risks by enabling unprotected AI for military, intelligence, and surveillance use. The firm traced each campaign to specific labs via IP and request metadata, highlighting the deliberate, commercial nature of the attacks.

Sources: