TLDR
- Anthropic claims Alibaba orchestrated an unprecedented AI “distillation attack” targeting the Claude model
- Approximately 28.8 million interactions occurred via roughly 25,000 illegitimate accounts from April 22 through June 5, 2026
- The operation sought to replicate Claude’s sophisticated features for developing Alibaba’s proprietary AI systems
- Anthropic petitioned US Senators Tim Scott and Elizabeth Warren for stricter enforcement measures
- The Commerce Department subsequently imposed global restrictions on Anthropic’s Mythos and Fable AI systems
The San Francisco-based artificial intelligence firm Anthropic has leveled serious allegations against Alibaba, China’s technology behemoth, claiming the company orchestrated an extensive operation to replicate features from its Claude AI system. According to Anthropic, Alibaba employed a technique known as “distillation attacks” to harvest sophisticated AI responses and utilize them for training inferior models.
🚨Anthropic Accuses Alibaba of Massive AI Model Extraction Campaign
Anthropic has accused Alibaba of orchestrating the largest known attempt to extract capabilities from its Claude AI models through a massive network of fraudulent accounts.
The allegations were disclosed in a… pic.twitter.com/FLLccsaFcE
— Bull Theory (@BullTheoryio) June 25, 2026
The alleged operation unfolded from April 22 through June 5, 2026. Throughout this period, entities connected to Alibaba and its artificial intelligence division, Alibaba Qwen, produced over 28.8 million interactions with Claude using approximately 25,000 fraudulent user accounts.
Anthropic characterized this incident as the most extensive known assault of its nature ever directed at the organization.
Understanding Distillation Attacks
Distillation attacks function by submitting queries to a sophisticated AI system and leveraging the responses to enhance a weaker model. This technique enables replication of cutting-edge AI capabilities while bypassing the costly research and development that created them.
Anthropic maintains that the perpetrators specifically targeted Claude’s most sophisticated functionalities. These encompassed its capacity to manage intricate, extended tasks and its reasoning methodology.
The organization asserted that such attacks operate at an “industrial scale,” effectively transforming hundreds of billions in American AI research investment into assets exploitable by geopolitical competitors.
Push for Legislative Intervention
On June 10, Anthropic dispatched correspondence to US Senators Tim Scott and Elizabeth Warren. Both legislators serve on the Senate Banking Committee, which had scheduled an AI-focused hearing during that timeframe.
Within the correspondence, Anthropic pressed Congress to impose sanctions on organizations orchestrating such operations and to enhance safeguards protecting American AI innovation.
This marks not the initial occasion Anthropic has sounded warnings. In February, the firm reported detecting comparable campaigns conducted by Chinese AI companies DeepSeek, Moonshot AI, and MiniMax. DeepSeek’s operation encompassed more than 150,000 interactions, whereas MiniMax’s exceeded 13 million.
Alibaba has not provided responses to inquiries seeking comment. The corporation was recently added to the Pentagon’s roster of Chinese entities with military connections and is currently contesting that classification through legal channels.
The White House declared in April that China was appropriating US artificial intelligence intellectual property at an industrial magnitude. OpenAI has similarly accused Chinese organizations of employing identical distillation tactics.
On June 12, just two days following the delivery of Anthropic’s letter, the US Commerce Department implemented limitations on Anthropic’s Mythos and Fable AI systems. Authorities expressed concerns that these models could potentially be exploited by military intelligence agencies in China and additional nations. Consequently, Anthropic suspended worldwide access to both systems.
