Anthropic Says DeepSeek, Moonshot, and MiniMax Used 24,000 Fake Accounts to Rip Off Claude

Anthropic’s latest disclosure shines a harsh light on the growing practice of AI distillation, where competitors harvest a model’s outputs to train smaller, cheaper replicas. By tracing more than 16 million API calls to roughly 24 000 fabricated accounts, the company identified three Chinese labs—DeepSeek, Moonshot AI and MiniMax—as the primary actors. The attacks focused on Claude’s most differentiated capabilities, such as chain‑of‑thought reasoning, tool use and code generation, allowing the labs to amass training data at a fraction of the original development cost.

The episode arrives amid a heated U.S. debate over AI chip export controls, a policy arena where Anthropic’s CEO Dario Amodei has been a vocal advocate. By framing distillation as a national‑security threat, the company argues that illicitly copied models lack the safety guardrails embedded in American systems, potentially feeding authoritarian surveillance or cyber‑offensive tools. This narrative links technical theft directly to the broader geopolitical contest for AI supremacy, suggesting that even strict hardware bans can be circumvented when intellectual‑property extraction is weaponized at scale.

Anthropic’s response combines immediate technical safeguards with a call for collective action. New classifiers and behavioral fingerprinting aim to flag chain‑of‑thought prompting, while tighter verification for educational and startup accounts reduces entry points for fraudulent users. The firm is also sharing indicators with cloud providers and rival labs, recognizing that API security has become as strategic as model weights themselves. If policymakers translate these findings into tighter export regimes or sanctions on proxy services, the industry may see a shift toward more robust authentication and monitoring standards across all frontier AI offerings.