Anthropic Said DeepSeek, Moonshot, and MiniMax Used Fraudulent Accounts and Proxies to Illicitly Distill Claude Capabilities at Scale

Anthropic detected industrial-scale campaigns by three Chinese AI laboratories - DeepSeek, Moonshot, and MiniMax - to illicitly extract Claude's capabilities through a technique called 'distillation.' The labs generated over 16 million exchanges with Claude through approximately 24,000 fraudulent accounts, violating terms of service and regional access restrictions. DeepSeek generated over 150,000 exchanges targeting reasoning capabilities and censorship-safe alternatives. Moonshot AI conducted over 3.4 million exchanges focusing on agentic reasoning, tool use, and computer vision. MiniMax executed over 13 million exchanges targeting agentic coding and tool orchestration. The labs used proxy services and 'hydra cluster' architectures to distribute traffic and evade detection. Anthropic attributed these campaigns through IP address correlation, request metadata, and infrastructure indicators. The attacks targeted Claude's most differentiated capabilities including agentic reasoning, tool use, and coding. Anthropic warns that illicitly distilled models lack safety guardrails and could enable authoritarian governments to deploy frontier AI for offensive cyber operations, disinformation campaigns, and mass surveillance.