ANTHROPIC has said it identified industrial-scale campaigns by three Chinese AI firms—DeepSeek, Moonshot AI, and MiniMax—that illegally distill Claude’s capabilities to improve their own models. The distillation attacks generated over 16 million exchanges with Claude through about 24,000 fraudulent accounts, in violation of its terms of service and regional access restrictions.
The three campaigns targeted Claude’s capabilities across specific areas: DeepSeek focused on reasoning and generating censorship-safe alternatives to politically sensitive queries, Moonshot AI on agentic reasoning and tool use and coding, and MiniMax on agentic coding and tool use, with the exchanges totaling over 150,000, 3.4 million, and 13 million respectively. Anthropic said the volume and structure of prompts were intended to extract capabilities rather than be legitimate use. The firms are based in China, where the use of Claude services is prohibited due to legal, regulatory, and security risks.