US-based artificial intelligence firm Anthropic has publicly accused three Chinese laboratories, including DeepSeek, Moonshot, and MiniMax, of orchestrating industrial-scale campaigns to extract the capabilities of its Claude model without authorization. According to Anthropic, the laboratories collectively generated over 16 million interactions with Claude through approximately 24,000 fraudulent accounts, violating the company’s terms of service and regional access restrictions. The firm emphasized that this activity is distinct from standard AI development practices and represents deliberate attempts to acquire advanced model capabilities for use in competing AI systems.
Central to the allegations is the technique known as distillation, where a smaller model is trained on outputs from a more capable one. While Anthropic acknowledged that distillation is a legitimate practice when used by labs on their own models to create smaller or cheaper versions, it warned that the method can be exploited. Competitors can gain sophisticated AI functionality in a fraction of the time and cost required to develop it independently. Anthropic described the campaigns as growing in sophistication and intensity, highlighting the global implications for AI security and the need for coordinated action among industry players and policymakers.
The company detailed that each campaign targeted Claude’s most advanced features, including agentic reasoning, tool use, and coding. DeepSeek conducted over 150,000 interactions focusing on reasoning, reinforcement learning, and generating alternatives to sensitive queries. Moonshot carried out more than 3.4 million exchanges, extracting capabilities in coding, data analysis, computer-use agent development, and computer vision, while MiniMax’s campaign exceeded 13 million interactions, concentrating on agentic coding and tool orchestration. Anthropic described the campaigns as coordinated and technically sophisticated, using proxy networks and hydra clusters to distribute traffic across APIs and cloud platforms, making detection difficult.
Anthropic also raised concerns about national security, noting that models developed through illicit distillation are unlikely to include safeguards designed to prevent misuse. The firm warned that foreign labs could integrate these capabilities into military, intelligence, and surveillance systems, enabling offensive cyber operations, disinformation campaigns, and mass surveillance. The allegations follow similar claims from OpenAI regarding Chinese AI firms distilling ChatGPT models over the past year. Anthropic has implemented technical countermeasures including behavioural fingerprinting, enhanced account verification, and model-level protections, while sharing intelligence with other AI companies, cloud providers, and regulators to prevent future misuse. The firm emphasized that the scale of the attacks and the sophistication of the campaigns make coordinated, industry-wide responses essential to protect intellectual property and maintain secure AI development environments.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
