Anthropic Publicly Exposes Massive Distillation Attacks by Chinese AI Labs Anthropic released a bombshell security report accusing three Chinese AI labs — DeepSeek, Moonshot (Kimi), and MiniMax — of launching industrial-scale distillation attacks against Claude through approximately 24,000 fraudulent accounts and over 16 million conversations, attempting to steal Claude’s core capabilities to train their own models. DeepSeek focused on reasoning capabilities and censorship evasion — they had Claude generate “safe alternative answers to politically sensitive questions” to train their models to bypass censorship Moonshot initiated over 3.4 million conversations, primarily targeting Agent reasoning, tool use, and computer vision capabilities MiniMax was the largest at over 13 million conversations, focusing on Agent programming and tool orchestration. Anthropic detected the attack before MiniMax released their new model These labs bypassed regional restrictions through commercial proxy services, using a “Hydra cluster” architecture — a single proxy network managing over 20,000 fraudulent accounts simultaneously Peon says: The political implications of this report far outweigh the technical ones. Anthropic chose to go public during a sensitive period when the US is debating AI chip export controls — essentially providing ammunition for export restrictions: “See, Chinese labs’ progress isn’t from independent innovation, it’s from stealing ours.” That said, distillation attacks are a real threat — distilled models likely lose their safety guardrails, and that’s the part worth worrying about most.