Anthropic has accused the Chinese firm Alibaba of launching the largest attack yet attempting to clone Claude, as China races to match the capabilities of Anthropic’s leading model following
Mythos’ release and subsequent restriction from foreign markets.
Ars obtained a June 10 letter sent to Senators Tim Scott (R-SC) and Elizabeth Warren (D-Mass.) one day ahead of a Senate committee hearing on “AI and the American Dream.” In the letter, Anthropic shared “new, confidential evidence of the largest campaign to illicitly extract Claude’s capabilities we have ever measured.”
The attacks occurred between April 22 and June 5, when “operators affiliated with Alibaba and Alibaba Qwen, Alibaba’s AI lab” allegedly generated “more than 28.8 million exchanges with Claude through almost 25,000 fraudulent accounts,” Anthropic said. Violating Claude’s terms of service and access restrictions, this campaign “targeted some of Claude’s most valuable capabilities, such as agentic reasoning, software engineering, and long-horizon tasks.”
According to Anthropic, Alibaba evaded detection by “using obfuscation techniques and proxy networks.” As Chinese demand for reliable obfuscation techniques increases, Anthropic warned there’s already “a growing circumvention economy” to fuel an ever-expanding web of future distillation attacks.
Alibaba allegedly ignored Trump warning
Like other Chinese labs attempting to copy US frontier models, Alibaba’s aim, Anthropic alleged, was to extract Claude’s capabilities “without incurring the training and R&D costs required to train” their own frontier model. These attacks have become “widespread” and “turn hundreds of billions of dollars in American investment and R&D into a massive subsidy for our geopolitical competitors,” Anthropic said.
Importantly, Anthropic said, the Alibaba campaign occurred after Donald Trump took steps to curb such illicit distillation attacks and defend US national security. In April, Trump
accused China of “industrial-scale” AI theft after Anthropic accused Chinese firms DeepSeek, Moonshot, and MiniMax of using the same tactic as Alibaba allegedly used to generate “over 16 million exchanges with Claude through approximately 24,000 fraudulent accounts.” OpenAI and Google have published findings on similar attacks on their models, Anthropic said.
<small>Source: Ars Technica</small>
