The San Francisco-based lab said the operations involved roughly 24,000 fraudulent accounts and generated more than 16 million exchanges with Claude, violating its terms of service and bypassing regional access restrictions.
The company said the labs used proxy services and networks of fake accounts dubbed “hydra clusters” to mask their activity and evade detection.
Distillation is a standard AI training technique in which a smaller “student” model learns from the outputs of a larger “teacher” model. Frontier labs routinely use it to create cheaper, faster versions of their own systems.
But when applied illicitly to a competitor’s model, it allows rapid capability transfer at a fraction of the original development cost and time.
Anthropic emphasized that distilled copies of Claude are unlikely to retain the robust safety safeguards built into U.S. frontier models — safeguards designed to prevent misuse in areas such as bioweapons development or malicious cyber operations.
The company warned that these unprotected capabilities could be fed into military, intelligence, or surveillance systems by authoritarian governments or open-sourced, spreading dangerous AI tools beyond any single nation’s control.
DeepSeek
Moonshot AI (Kimi models)
MiniMax
Anthropic attributed the campaigns with high confidence using IP correlations, request metadata, infrastructure fingerprints, and corroboration from industry partners.
In one case, request metadata directly matched public profiles of senior researchers at the labs.
Anthropic does not offer commercial access to Claude in China. The labs circumvented this by purchasing access through third-party commercial proxy services that resell API calls at scale.
These services operate sprawling networks of fraudulent accounts that mix distillation traffic with legitimate customer requests, making detection significantly harder.
The company said it is investing heavily in new detection systems, including classifiers for chain-of-thought elicitation and behavioral fingerprinting to spot coordinated activity.
It is also sharing technical indicators with other AI labs, cloud providers, and authorities, while tightening verification for educational and research accounts often exploited in these schemes.
Anthropic stressed that no single company can solve the problem alone and called for coordinated action across the AI industry, cloud providers, and policymakers.
It reiterated its longstanding support for U.S. export controls on advanced chips, arguing that distillation attacks actually reinforce the need for such controls: restricted chip access limits both direct training and the scale of illicit data extraction.
The disclosure comes weeks after OpenAI warned U.S. lawmakers about similar distillation efforts by DeepSeek targeting ChatGPT and other American models.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Anthropic Claude Under Large Scale Distillation Attacks By Chinese AI Labs with 13 Million Exchanges appeared first on Cyber Security News.
Games Workshop has shocked Warhammer 40,000 fans by confirming a leak of plans to sell…
FORT WAYNE IND. (WOWO) One man is dead following a fiery early-morning crash at Lafayette…
The Hunt For Ben Solo fan campaign is still going, and its latest stunt saw…
Daemons, seasonal powers, and giants are what you can expect this spring anime season. There's…
This website uses cookies.