In a significant cybersecurity development, San Francisco-based Anthropic has accused three major Chinese AI companies—DeepSeek, Moonshot AI, and MiniMax—of orchestrating extensive distillation attacks on its Claude models. These coordinated efforts involved creating approximately 24,000 fake accounts, resulting in over 16 million interactions with Claude, thereby breaching Anthropic’s terms of service and bypassing geographical access restrictions.
Understanding AI Distillation
AI distillation is a process where a smaller, ‘student’ model learns from a larger, ‘teacher’ model, a technique typically used to enhance AI efficiency. However, when applied to a competitor’s model without authorization, it enables rapid capability transfer at a minimal cost. Anthropic stresses that such distilled versions of Claude might lack the rigorous safety measures embedded in U.S. models, posing significant risks if these capabilities are utilized for military or surveillance purposes by authoritarian regimes.
Details of the Attacks
The alleged attacks had varying scales and targets. DeepSeek focused on advanced reasoning and censorship-safe alternatives, conducting over 150,000 exchanges through synchronized traffic and shared payment methods. Moonshot AI, with over 3.4 million exchanges, targeted agentic reasoning and coding, using numerous fraudulent accounts to reconstruct Claude’s reasoning processes. MiniMax executed the largest campaign with over 13 million exchanges, adapting quickly to new Claude model releases to maintain its data extraction efforts.
Anthropic claims these activities were verified through IP correlations, request metadata, and infrastructure fingerprints, with one case directly linking request metadata to senior researchers at the accused labs.
Countermeasures and Future Steps
To counter these attacks, Anthropic is enhancing its detection systems, employing advanced classifiers and behavioral analytics to identify coordinated activities. Additionally, the company is collaborating with other AI labs, cloud providers, and authorities to strengthen security measures and share technical indicators. Anthropic calls for a collective effort across the AI industry to tackle these challenges, emphasizing the importance of U.S. export controls on advanced chips to limit such distillation attacks.
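The signals the article names (shared IP addresses, shared payment methods, synchronized traffic across many accounts) lend themselves to a simple correlation check. The following is an added illustration, not Anthropic's detection code: it links accounts that share an IP or payment fingerprint into clusters and flags clusters that are large, high-volume and active in the same time window. The log rows, field layout and thresholds are constructed for the example.

```python
from collections import defaultdict

# Constructed sample API request log (not real indicators):
# (account_id, client_ip, payment_fingerprint, minute_bucket, request_count)
SAMPLE_LOG = [
    ("acct-001", "203.0.113.10", "pay-A", 100, 900),
    ("acct-002", "203.0.113.10", "pay-B", 100, 850),
    ("acct-003", "203.0.113.11", "pay-B", 101, 870),
    ("acct-004", "198.51.100.7", "pay-C", 400, 12),
    ("acct-005", "198.51.100.8", "pay-D", 412, 9),
]

def cluster_accounts(log):
    """Union-find: accounts sharing a client IP or a payment fingerprint join one cluster."""
    parent = {}
    def find(x):
        while parent.setdefault(x, x) != x:
            x = parent[x]
        return x
    def union(a, b):
        ra, rb = find(a), find(b)
        if ra != rb:
            parent[rb] = ra
    by_ip, by_pay = defaultdict(list), defaultdict(list)
    for acct, ip, pay, _, _ in log:
        by_ip[ip].append(acct)
        by_pay[pay].append(acct)
    # Every account that shares an IP or payment method with another is linked to it.
    for group in list(by_ip.values()) + list(by_pay.values()):
        for a, b in zip(group, group[1:]):
            union(a, b)
    clusters = defaultdict(set)
    for acct, *_ in log:
        clusters[find(acct)].add(acct)
    return [sorted(c) for c in clusters.values()]

def flag_coordinated(log, min_accounts=3, min_requests=1000, max_spread=5):
    """Flag clusters that are large, high-volume and active within max_spread minutes."""
    volume, buckets = defaultdict(int), defaultdict(list)
    for acct, _, _, minute, n in log:
        volume[acct] += n
        buckets[acct].append(minute)
    flagged = []
    for cluster in cluster_accounts(log):
        total = sum(volume[a] for a in cluster)
        minutes = [m for a in cluster for m in buckets[a]]
        synchronized = max(minutes) - min(minutes) <= max_spread
        if len(cluster) >= min_accounts and total >= min_requests and synchronized:
            flagged.append({"accounts": cluster, "requests": total})
    return flagged
```

In the sample, the first three accounts form one cluster through a shared IP and a shared payment method and are flagged; the two low-volume, unlinked accounts are not.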
This revelation follows recent warnings by OpenAI to U.S. lawmakers about similar distillation threats targeting ChatGPT. As the AI landscape evolves, the need for robust security and regulatory frameworks becomes increasingly critical.
