Anthropic Accuses Alibaba of Using 25,000 Fake Accounts to Copy Claude AI

Anthropic has accused Alibaba of carrying out what it calls the largest known AI model distillation attack against the company, alleging that operators linked to the Chinese technology giant extracted capabilities from its Claude AI models through millions of automated interactions.

The allegations were made in a June 10 letter sent to U.S. Senators Tim Scott and Elizabeth Warren ahead of a Senate Banking Committee hearing on artificial intelligence. Reuters first reported the contents of the letter after reviewing the document.

Anthropic says the campaign generated 28.8 million Claude interactions

According to Anthropic, the alleged campaign ran between April 22 and June 5, 2026, generating more than 28.8 million exchanges with Claude through nearly 25,000 fraudulent accounts.

The company claims the operators used a technique known as AI distillation, where outputs from a more advanced model help train a smaller or less capable model.

Anthropic alleges the campaign was conducted by operators affiliated with Alibaba and its AI research division, Qwen. At the time of publication, Alibaba had not publicly responded to the allegations.

Anthropic links attack to advanced Mythos capabilities

In its letter, Anthropic argued that the campaign could accelerate China’s ability to develop AI systems approaching the capabilities of its advanced Mythos Preview models.

This is not the first time Anthropic has raised similar concerns. In February, the company accused several Chinese AI developers, including DeepSeek, Moonshot AI, and MiniMax, of using Claude outputs to improve their own models. At the time, Anthropic warned that these campaigns were becoming increasingly sophisticated and coordinated.

AI security concerns continue to grow

The allegations surfaced just days before the U.S. Commerce Department imposed export restrictions on Anthropic’s latest Mythos and Fable AI models.

Government officials said the restrictions were necessary because they feared the advanced models could be diverted to military intelligence users in countries of concern. Anthropic temporarily disabled access to the affected models worldwide to comply with the order.

Recent reports have also highlighted the capabilities of Mythos during government cybersecurity testing. The model reportedly identified vulnerabilities in highly sensitive U.S. government systems within hours. However, officials clarified that finding vulnerabilities did not mean the AI successfully compromised or exploited classified systems, despite some earlier reports suggesting otherwise.