Anthropic Accuses Alibaba of ‘Illicitly’ Accessing Its Claude AI Models in Largest Known Distillation Attack
Cybersecurity NewsArchived Jun 25, 2026✓ Full text saved
Anthropic has formally accused Chinese tech and e-commerce giant Alibaba of orchestrating a massive, unauthorized extraction campaign targeting its Claude AI model, marking what the company describes as the largest known distillation attack in its history. In a letter dated June 10, 2026, and addressed to U.S. Senate Banking Committee Chair Tim Scott and Ranking […] The post Anthropic Accuses Alibaba of ‘Illicitly’ Accessing Its Claude AI Models in Largest Known Distillation Attack appeared firs
Full text archived locally
✦ AI Summary· Claude Sonnet
HomeCyber Security
Anthropic Accuses Alibaba of ‘Illicitly’ Accessing Its Claude AI Models in Largest Known Distillation Attack
By Guru Baran
June 25, 2026
Anthropic has formally accused Chinese tech and e-commerce giant Alibaba of orchestrating a massive, unauthorized extraction campaign targeting its Claude AI model, marking what the company describes as the largest known distillation attack in its history.
In a letter dated June 10, 2026, and addressed to U.S. Senate Banking Committee Chair Tim Scott and Ranking Member Elizabeth Warren, Anthropic alleged that operators affiliated with Alibaba and its AI research division, Alibaba Qwen, conducted a coordinated campaign to illicitly harvest capabilities from its Claude AI model.
The campaign ran from April 22 to June 5, 2026, generating more than 28.8 million exchanges with Claude through nearly 25,000 fraudulent accounts.
The operation specifically targeted Claude’s most advanced and commercially valuable capabilities, including software engineering and agentic reasoning, the cornerstones of Anthropic’s cutting-edge Mythos Preview model.
The attack relied on a technique known as “adversarial distillation,” a method where a less capable AI model is trained on the outputs of a more powerful one to mimic its capabilities at a fraction of the development cost.
Anthropic warned that this process allows Chinese AI labs to replicate frontier U.S. AI capabilities without incurring the enormous R&D and computational expenditure required to train models from scratch.
In its letter, Anthropic wrote: “These distillation attacks are carried out illicitly, systematically, and at an industrial scale to harvest U.S. AI capabilities across frontier labs and repackage them as their own without incurring the training and R&D costs required to train U.S. frontier models”. Bloomberg was the first to report on this letter.
Anthropic further cautioned that AI systems built through this adversarial distillation method often lack safety guardrails, posing broader security and safety risks beyond intellectual property theft.
This is not an isolated incident. In February 2026, Anthropic had already revealed a separate scheme involving DeepSeek the Chinese AI startup whose low-cost model rattled global tech markets in early 2025 along with two other Chinese AI laboratories attempting to illicitly access Claude’s platform.
Earlier this month, the company announced that it received a directive from the Trump administration. This directive requires them to stop allowing anyone from outside the U.S., including their own employees who are not U.S. citizens, to access their newest models called Claude, specifically Fable 5 and Mythos 5.
Anthropic now describes this pattern as “systematic and unauthorized” exploitation of leading U.S. AI models to build a rival generation of Chinese chatbots.
The disclosure is already driving legislative action on Capitol Hill. Senators Bill Hagerty (R-TN) and Andy Kim (D-NJ) are moving to introduce an amendment to must-pass defense legislation that would blacklist or sanction any Chinese firm found improperly accessing U.S. AI model outputs to train competing systems.
Alibaba has not responded to requests for comment. The escalating confrontation over AI model theft signals a deepening technological and geopolitical rift between the U.S. and Chinese AI sectors, with frontier model security now firmly in the crosshairs of national security policy.
Follow us on Google News, LinkedIn, and X to Get More Instant Updates.
Tags
cyber security
cyber security news
Copy URL
Linkedin
Twitter
ReddIt
Telegram
Guru Baranhttps://cybersecuritynews.com
Gurubaran KS is a cybersecurity analyst, and Journalist with a strong focus on emerging threats and digital defense strategies. He is the Co-Founder and Editor-in-Chief of Cyber Security News, where he leads editorial coverage on global cybersecurity developments.
Trending News
Bajaj Auto Hit by a Ransomware Attack – Internal Systems Affected
HazyBeacon Weaponizes AWS Lambda Function URLs for Stealth Command-and-Control Relays
Authorities Dismantle SocGholish Malware Network — 106 Servers and 101 Domains Seized
Malicious Edge Extension Uses Chrome Native Messaging to Execute Code on Victim Systems
Evilginx AiTM Attack Captures Microsoft Credentials, MFA Tokens, and Authenticated Sessions
Latest News
Cyber Security News
Mistic Backdoor Blends With Microsoft Endpoint Security Tooling to Evade Detection
Cyber Security News
Microsoft Teams Impersonation Campaign Enables Unauthorized Access Through RMM Abuse
Cyber Security News
Fake Document Reader in The Google Play Store with 100K Downloads Deliver Android Malware
Cyber Security News
Malicious Edge Extension Uses Chrome Native Messaging to Execute Code on Victim Systems
ANY.RUN
EvilTokens Hides Its Attack Flow in the Browser, Exposing Static Analysis Gaps