Anthropic Sounds Security Alarm as Chinese Firms Use Claude to Train Smaller Models.
Anthropic Accuses Chinese AI Rivals of "Model Distillation" Theft via 16 Million Exploits
Anthropic has revealed a massive breach of its Terms of Service (ToS) involving three prominent Chinese AI firms. According to the company, approximately 24,000 accounts linked to these firms were used to scrape data and "extract" capabilities from the Claude AI model over 16 million times.
The Suspects: DeepSeek, Moonshot, and MiniMax
Anthropic identified the scale of the data extraction across three specific entities:
MiniMax: 13 million unauthorized requests.
Moonshot AI: 3.4 million unauthorized requests.
DeepSeek: 150,000 unauthorized requests.
The "Distillation" Gambit
Anthropic describes this tactic as "Model Distillation." In the AI industry, distillation is a common internal practice in which the outputs of a massive "teacher" model (like Claude 3.5 Sonnet) are used to train a smaller, more efficient "student" model. Using a competitor's model for this purpose, however, is considered a form of intellectual property theft and a direct violation of access limits.
By bypassing the traditional research and development phase, these firms could significantly slash training costs and accelerate their development timelines using Anthropic’s proprietary logic.
National Security Implications
Beyond corporate rivalry, Anthropic has framed this as a matter of U.S. national security. The company warns that distillation can be used to rapidly develop small-scale models capable of handling high-risk tasks or of bypassing the safety guardrails established by American developers. The Wall Street Journal reached out to the three Chinese firms for comment, but all have remained silent so far.
Training large-scale models costs billions of dollars, but cross-platform distillation lets competitors "copycat" that logic at a fraction of the cost. This is why Anthropic and OpenAI have begun deploying systems that detect "non-human conversational patterns" in order to block these accounts.
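As an added illustration of the account-level detection the article mentions (example code written for this page, not Anthropic's or OpenAI's own system), the following Python flags accounts whose request timing is machine-regular rather than human. The log lines, account ids and thresholds are constructed for the example.

```python
import statistics
from collections import defaultdict
from datetime import datetime

# Constructed sample request log ("<account_id> <ISO-8601 timestamp>"); ids and times are made up.
SAMPLE_LOG = """\
acct-bot 2025-01-01T02:00:00
acct-bot 2025-01-01T02:00:15
acct-bot 2025-01-01T02:00:30
acct-bot 2025-01-01T02:00:45
acct-bot 2025-01-01T02:01:00
acct-bot 2025-01-01T02:01:15
acct-human 2025-01-01T09:03:12
acct-human 2025-01-01T09:05:40
acct-human 2025-01-01T09:21:05
acct-human 2025-01-01T10:02:50
acct-human 2025-01-01T10:03:14
acct-small 2025-01-01T14:00:00
acct-small 2025-01-01T14:00:10
acct-small 2025-01-01T14:00:20
"""

def parse_log(text):
    # Group request timestamps by account id.
    per_account = defaultdict(list)
    for line in text.splitlines():
        if line.strip():
            account, stamp = line.split()
            per_account[account].append(datetime.fromisoformat(stamp))
    return per_account

def gap_cv(timestamps):
    """Coefficient of variation of inter-request gaps: 0.0 is perfectly periodic, None if too few."""
    gaps = [(b - a).total_seconds() for a, b in zip(timestamps, timestamps[1:])]
    if len(gaps) < 2 or statistics.mean(gaps) == 0:
        return None
    return statistics.pstdev(gaps) / statistics.mean(gaps)

def score_accounts(text, min_requests=5, max_gap_cv=0.25):
    """Return {account: (request_count, gap_cv, flagged)}; an account is flagged when it
    reaches min_requests and its gaps are machine-regular (cv <= max_gap_cv)."""
    results = {}
    for account, stamps in parse_log(text).items():
        stamps.sort()
        cv = gap_cv(stamps)
        flagged = len(stamps) >= min_requests and cv is not None and cv <= max_gap_cv
        results[account] = (len(stamps), cv, flagged)
    return results

def flagged_accounts(text, **thresholds):
    # Accounts whose traffic looks automated, sorted for stable review output.
    return sorted(a for a, (_, _, f) in score_accounts(text, **thresholds).items() if f)
```

Timing regularity is one weak signal among several; a production detector would combine it with volume, prompt diversity and round-the-clock activity before blocking anything.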
AI companies are also turning to watermarking techniques, in which AI answers are encrypted. If a competitor's model produces answers bearing the same copycat logic signature, this can be used as legal evidence in data theft lawsuits.
This comes amid the ban on shipping high-end Nvidia chips to China, which forces Chinese AI companies to find the most resource-efficient way to build models as capable as those from the US. Distillation thus becomes an attractive shortcut in a compute-constrained environment.
This reflects the double-edged sword of public APIs: while they enable developers to build excellent apps, they also give competitors a way to silently "steal" AI knowledge with bots running 24/7.
Source: Anthropic