Anthropic has formally accused Alibaba of conducting a massive, unauthorized “distillation attack” to extract proprietary artificial intelligence capabilities. According to a letter sent to the U.S. Senate Committee on Banking, Housing, and Urban Affairs, the Chinese tech firm allegedly used 25,000 fraudulent accounts to execute 28.8 million exchanges with Anthropic’s models between April 22 and June 5, 2026. The incident represents the largest known attempt to derive a smaller AI model from Anthropic’s stronger architecture to date.
How Do Distillation Attacks Threaten AI Security?
Distillation is a technical process where developers train a compact, less-capable AI model by feeding it the outputs of a more powerful, sophisticated system. By repeatedly querying a high-end model and recording the responses, an unauthorized actor can effectively “clone” the reasoning patterns and knowledge base of the original, more expensive software. Anthropic claims this practice bypasses traditional security safeguards and intellectual property protections. The company characterizes these actions as “brazen” and “illicit” attempts to replicate its core technology without authorization.
In February 2026, Anthropic identified similar industrial-scale distillation campaigns originating from three other AI labs: DeepSeek, Moonshot, and MiniMax. The company reports that these attempts are increasing in both frequency and technical sophistication.
Why Does the White House Monitor Model Extraction?
The U.S. government is increasingly concerned that industrial-scale distillation compromises national security and American technological dominance. In April 2026, the White House Office of Science and Technology Policy issued a formal memorandum pledging to assist AI companies in detecting and coordinating defenses against these data extraction tactics. Anthropic’s letter to senators Tim Scott (R-S.C.) and Elizabeth Warren (D-Mass.) explicitly stated that Alibaba “ignored the Trump Administration’s warnings” regarding these specific security protocols.
How Are Export Controls Complicating AI Policy?
While Anthropic is lobbying for government support to stop distillation, its relationship with the Trump administration remains complex. Earlier in June 2026, the U.S. government issued an export control directive ordering Anthropic to suspend access to its latest models, Fable 5 and Mythos 5, for all foreign nationals. This mandate applies regardless of whether the users are located inside or outside the United States. Anthropic representatives have traveled to Washington, D.C., to negotiate with officials, stating that both parties are working to resolve the dispute, though no timeline for the restoration of service has been provided.
| Entity | Alleged Activity |
|---|---|
| Alibaba | 28.8 million exchanges via 25,000 accounts |
| DeepSeek/Moonshot/MiniMax | Industrial-scale distillation campaigns |
If you are developing applications using third-party APIs, monitor your traffic for high-frequency, repetitive query patterns from non-standard user agents. These are often early indicators of automated distillation attempts.
Frequently Asked Questions
- What is an AI distillation attack? It is a method where an actor uses a powerful model’s outputs to train a separate, smaller model, effectively stealing the original model’s capabilities.
- Has Alibaba responded to the claims? No. As of the latest report, a representative for Alibaba has not responded to requests for comment regarding the allegations.
- Why were Anthropic’s latest models suspended? The Trump administration cited “national security authorities” in an export control directive, though specific details regarding the nature of the concern remain undisclosed.
Stay informed on the latest developments in AI regulation and corporate security. Subscribe to our weekly tech policy newsletter for updates on how Washington is shaping the future of innovation.
