Three Chinese artificial intelligence companies used Claude to improperly obtain capabilities to improve their own models, the chatbot's creator Anthropic said in a blog post while also making a case for export controls on chips.
The announcement follows a memo by OpenAI earlier this month, when the startup warned US lawmakers that Chinese AI firm DeepSeek is targeting the ChatGPT maker and the nation's leading AI companies to replicate models and use them for its own training.
DeepSeek, Moonshot and MiniMax created more than 16 million interactions with Claude using roughly 24,000 fake accounts, in violation of Anthropic's terms of service and regional access restrictions, the company said.
They used a technique called "distillation," which involves training a less capable model on the outputs of a stronger one, Anthropic said.
"These campaigns are growing in intensity and sophistication. The window to act is narrow, and the threat extends beyond any single company or region."
Anthropic warned that illicitly distilled models lacked necessary safeguards, creating significant national security risks.
If these models are open-sourced, the risk multiplies as capabilities spread freely beyond any single government's control.
Anthropic, which raised US$30 billion ($42.5 billion) in its latest funding round and is now valued at US$380 billion, said that distillation attacks support the case for export controls: chip access restrictions reduce both direct model training capabilities and the extent of improper distillation.
DeepSeek's operation targeted reasoning capabilities across diverse tasks and the creation of censorship-safe alternatives to policy-sensitive queries, while Moonshot aimed at agentic reasoning and tool use, as well as coding and data analysis, Anthropic said.
MiniMax targeted agentic coding, tool use and orchestration and Anthropic detected the campaign while it was still active — before MiniMax released the model it was training.
"When we released a new model during MiniMax's active campaign, they pivoted within 24 hours, redirecting nearly half their traffic to capture capabilities from our latest system," the blog post said.
DeepSeek, Moonshot and MiniMax did not immediately respond to requests for comment.
_(28).jpg&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0){kind=logo}
_(20).jpg&h=140&w=231&c=1&s=0)
iTnews Benchmark Awards 2026
iTnews Executive Retreat - Security Leaders Edition
iTnews Cloud Covered Breakfast Summit
The 2026 iAwards
_(1).jpg&h=140&w=231&c=1&s=0)
