AI Model Theft: China’s DeepSeek, Moonshot and MiniMax Accused of ‘Distillation Attacks’
A new battleground in the artificial intelligence race has emerged: the illicit extraction of AI capabilities. Anthropic, the AI company behind the Claude model, has accused three China-based AI labs – DeepSeek, Moonshot AI, and MiniMax – of orchestrating large-scale “distillation attacks” to improve their own models. This practice, while related to legitimate AI training techniques, raises serious concerns about intellectual property and competitive advantage.
What is ‘Distillation’ and Why is it Controversial?
Distillation is a common method in AI development where a smaller, “student” model learns from the outputs of a larger, more complex “teacher” model. AI labs routinely use this to create cheaper, more efficient versions of their AI. But, the accusations against DeepSeek, Moonshot, and MiniMax center around using this technique to essentially copy the capabilities of Claude without legitimate access. Anthropic describes these actions as “distillation attacks,” differentiating them from standard distillation practices.
Anthropic alleges these companies created over 24,000 fraudulent accounts and generated more than 16 million interactions with Claude. The attacks targeted Claude’s most advanced features, including agentic reasoning, tool use, and coding.
The Scale of the Allegations
The scale of the alleged activity varies between the companies. MiniMax, the creator of the popular Talkie app, is accused of the most extensive effort, with over 13 million exchanges. Moonshot AI generated over 3.4 million exchanges, while DeepSeek accounted for approximately 150,000 exchanges, though focused on improving foundational logic and censorship avoidance.
Did you know? Distillation can be used to create censorship-safe alternatives to sensitive queries, potentially allowing models to bypass restrictions on topics like political dissidents.
Broader Implications for the AI Industry
This isn’t an isolated incident. OpenAI, Anthropic’s competitor, recently accused DeepSeek of similar practices, sending a memo to the House of Representatives detailing their concerns. These accusations highlight a growing anxiety within the AI community about the potential for model theft and the challenges of protecting intellectual property in this rapidly evolving field.
Anthropic frames these actions as a threat to U.S. Competitiveness, suggesting that circumventing regional restrictions and breaking terms of service allows foreign labs, potentially linked to the Chinese Communist Party, to bypass the intended effects of export controls on advanced AI chips.
DeepSeek V4 and Potential Market Disruption
The timing of these accusations is particularly noteworthy, as DeepSeek is poised to release its latest model, DeepSeek V4. Reports suggest this new model could outperform both Claude and ChatGPT in coding, potentially disrupting the AI landscape. Some analysts have even warned that the release could cause volatility on Wall Street, given the existing AI-related market fluctuations.
FAQ
What is a ‘distillation attack’? A distillation attack involves using a large language model (LLM) to generate training data for another model, often in violation of the LLM’s terms of service.
Are these actions illegal? Anthropic doesn’t allege criminal offenses, but states the actions violated their terms of service and regional access restrictions.
Which companies are involved? DeepSeek, Moonshot AI, and MiniMax are the Chinese AI labs accused by Anthropic.
What is DeepSeek V4? DeepSeek V4 is the upcoming flagship model from DeepSeek, expected to be released soon and potentially outperform leading AI models.
Pro Tip: Understanding the nuances of AI training techniques like distillation is crucial for anyone involved in the development or investment in AI technologies.
This situation underscores the need for robust security measures and potentially new regulations to protect AI models and ensure fair competition in this critical technological domain. The debate over export controls and the ethical implications of AI development are likely to intensify as these issues arrive to the forefront.
What are your thoughts on the future of AI security? Share your opinions in the comments below!
