Text settings Story text Size Small Standard Large Width * Standard Wide Links Standard Orange * Subscribers only Learn more Minimize to nav Anthropic has accused the Chinese firm Alibaba of launching the largest attack yet attempting to clone Claude, as China races to match the capabilities of Anthropic’s leading model following Mythos’ release and subsequent restriction from foreign markets.
Ars obtained a June 10 letter sent to Senators Tim Scott (R-SC) and Elizabeth Warren (D-Mass.) one day ahead of a Senate committee hearing on “AI and the American Dream.” In the letter, Anthropic shared “new, confidential evidence of the largest campaign to illicitly extract Claude’s capabilities we have ever measured.”
According to Anthropic, Alibaba evaded detection by “using obfuscation techniques and proxy networks.” As Chinese demand for reliable obfuscation techniques increases, Anthropic warned there’s already “a growing circumvention economy” to fuel an ever-expanding web of future distillation attacks.
Like other Chinese labs attempting to copy US frontier models, Alibaba’s aim, Anthropic alleged, was to extract Claude’s capabilities “without incurring the training and R&D costs required to train” their own frontier model. These attacks have become “widespread” and “turn hundreds of billions of dollars in American investment and R&D into a massive subsidy for our geopolitical competitors,” Anthropic said.
Importantly, Anthropic said, the Alibaba campaign occurred after Donald Trump took steps to curb such illicit distillation attacks and defend US national security. In April, Trump accused China of “industrial-scale” AI theft after Anthropic accused Chinese firms DeepSeek, Moonshot, and MiniMax of using the same tactic as Alibaba allegedly used to generate “over 16 million exchanges with Claude through approximately 24,000 fraudulent accounts.” OpenAI and Google have published findings on similar attacks on their models, Anthropic said.
Anthropic accused Alibaba of “brazenly” racing to make a copycat Claude, seemingly unfazed by Trump’s threats to crack down on foreign efforts to copy US frontier models despite depending on US investors.
“Alibaba is listed on the New York Stock Exchange, maintains business operations in the United States, and is accountable to US investors and regulators,” Anthropic’s letter noted, “yet this activity unfolded in the weeks after” Trump’s memo warned that cloning attempts were “unacceptable.”
Ars could not immediately reach Alibaba for comment.
Alibaba is already preparing to clash with Trump, though. In a lawsuit filed Tuesday, Alibaba accused the Trump administration of blacklisting the company after falsely linking the company to the Chinese military, Reuters reported. Alibaba is seeking to remove the Trump designation, which they claimed has “no basis in fact or law.”
“Alibaba is governed by an independent board, none of whom has any military affiliation,” Alibaba said. “Its products and services are built for retail, logistics, and enterprise information technology—not weapons, defense, or intelligence.”
Anthropic appears unconvinced, however, that Alibaba isn’t working with the Chinese government. In the letter, Anthropic warned that without stronger interventions, these distillation attacks will “help China reach Mythos Preview-level capabilities sooner.”
To keep the US ahead of China, Anthropic recommended that Congress pass legislation with three objectives. First, antitrust laws must be updated to allow AI firms to share information about evolving Chinese tactics to deter more threats.
Second, the US needs more export controls on chips to hamstring Chinese access to advanced compute so that they simply can’t train on US model outputs. That could make conducting distillation attacks pointless, Anthropic suggested.
Finally, Congress should pass laws penalizing Chinese labs’ “bad behavior” so that it’s “more difficult and costly” to rely on distillation attacks to advance Chinese models. Penalties could include limiting Chinese firms from accessing US models or advanced US chips or from relying on data centers outside of China, Anthropic suggested.
Anthropic declined to clarify whether Alibaba’s alleged attacks were significant enough to help meaningfully accelerate China’s AI capabilities or comment on any specific steps taken to thwart the attacks. Instead, a spokesperson provided a statement to Ars, echoing sentiments expressed in the letter to senators.
“We believe combating the threat of illicit distillation requires coordinated action between government and industry, and we will continue working with Congress and the Administration to maintain American AI leadership,” Anthropic said.
Anthropic’s letter positions the AI firm as intent on helping the US hold the line so that China cannot surpass US capabilities.
If that happened, Anthropic warned that China could blindside a defenseless US—suddenly possessing “advanced cyber capabilities to deploy against the US government and American companies and exploit vulnerabilities faster than previously possible.”
It’s important to keep the US as far ahead as possible, Anthropic’s letter said, because “the larger the capability gap,” the “more time the US government will have to harden cyber defenses and adopt AI systems across national security domains” as China’s AI advances.
Additionally, Anthropic warned that if the US ignores distillation attacks, China could release advanced AI models “with weak safeguards that are easily jailbroken, enabling other US adversaries to use these models for a wide range of activities that run contrary to US interests.”
Alibaba’s models have been downloaded more than 700 million times and are at the frontier of China’s AI industry. The official newspaper of the Central Committee of the Communist Party of China (CPC), People’s Daily, recently hyped Alibaba’s Qwen family of AI models as “the most popular open-source AI system worldwide.” The AI firm will likely maintain a defensive posture as US scrutiny escalates, but the company risks hobbling its business the longer its US fights endure. Alibaba’s stock dropped 3 percent after Anthropic’s accusations became public, Yahoo Finance reported.
Anthropic’s suspicions that China is racing to build models to match Claude’s capabilities have been confirmed by at least one major Chinese tech founder. At a cybersecurity conference in Beijing yesterday, 360 Security Technology founder Zhou Hongyi likened Anthropic’s Mythos to a “cyber nuclear weapon,” the South China Morning Post reported.
Zhou told the audience that Mythos’ sudden giant leap in its ability to find cybersecurity vulnerabilities was a “terrifying change” that had effectively “democratized” cyberattacks, SCMP reported.
For China, having no access to Mythos was a significant disadvantage, Zhou said. He bemoaned that Project Glasswing, which granted more than 40 US organizations access to Mythos Preview to strengthen cyber defenses, excluded China.
“This means US organizations can use Mythos to scan your vulnerabilities, but you don’t even have the qualification to catch a glimpse of Mythos,” Zhou said.
China’s only way forward is to create its own Mythos-like model, Zhou said, warning that such a “game-changing weapon in cyber warfare” cannot “be held solely in the hands of others.” According to Zhou, China must race to copy Mythos’ capabilities so that there’s mutually assured destruction should its rival attempt to seize gains using its advanced AI.
SCMP noted that “Zhou’s remarks marked the first time a prominent Chinese technology founder has publicly warned about the strategic risks posed by the US frontier AI model.”
Right now, Zhou said that Chinese firms are “well short of Mythos-level capabilities,” SCMP reported. He then positioned his own company as developing a solution, which focuses “on AI agent systems that combined existing foundation models with specialist security data sets and vulnerability knowledge bases,” instead of “trying to match the US in frontier model capability and computing power.”
---
**İlgili Kaynaklar:**
İlgili yapay zeka danışmanlık ve çözüm hizmetleri için [yapay zeka firması](https://yapayzekafirmasi.com) platformuna göz atabilirsiniz.
