Anthropic accuses Alibaba of launching the “largest clone attack in history,” and claims it has been “blasting” Claude 28.8 million times.

AI giant Anthropic has submitted a letter to the U.S. Senate, accusing Chinese tech giant Alibaba of launching the largest "model cloning attack (Distillation attack)" in history. Anthropic alleges that a team under Alibaba used nearly 25k fraudulent accounts to conduct up to 28.8 million malicious interactions with the Claude model, attempting to steal advanced U.S. AI technology without effort. (Prior context: Mirendil, founded by a former Anthropic researcher, raised $200 million, claiming to be a "self-upgrading AI") (Background supplement: Anthropic accuses Alibaba of "illegally stealing" Claude: 28.8 million conversations, nearly 25k fake accounts, distillation war reaches U.S. Congress) Table of Contents Toggle

• 25k avatars frantically performed 28.8 million queries, targeting Claude's core technology
• Ignoring Trump's warning! Anthropic slams Alibaba as "brazen"
• Calls for antitrust law amendments to prevent China from building a "cyber nuclear weapon" The rivalry between China and the U.S. in the field of artificial intelligence (AI) is escalating from chip bans to direct "model extraction warfare." According to the latest foreign media reports, Anthropic sent a confidential letter to U.S. Senators Tim Scott and Elizabeth Warren, revealing shocking details of a large-scale malicious attack on its flagship AI model, Claude.

25,000 avatars frantically performed 28.8 million queries, targeting Claude's core technology

In this letter submitted on the eve of the Senate hearing "AI and the American Dream," Anthropic detailed the cyber operation that occurred between April 22 and June 5, 2026. Anthropic claims that the attack was carried out by operators affiliated with Alibaba and its AI lab, Qwen. The attackers massively violated Claude's terms of service, using obfuscation techniques and proxy networks to evade security detection. They registered nearly 25k fraudulent accounts and conducted over 28.8 million interactions with Claude. Anthropic stated that this is the "largest illicit extraction operation" it has ever detected. Its core purpose is extremely clear: Alibaba attempted to avoid the hundreds of billions of dollars in training and R&D costs required to develop frontier models, directly "leeching" and copying Claude's most valuable advanced capabilities, including agentic reasoning, software engineering, and long-horizon task solving capabilities.

Ignoring Trump's warning! Anthropic slams Alibaba as "brazen"

This incident is highly politically sensitive. In April this year, U.S. President Donald Trump publicly accused China of conducting "industrial-scale" AI technology theft. Previously, Anthropic had also accused Chinese startups such as DeepSeek and Moonshot of using similar methods (totaling about 16 million interactions). However, this attack led by Alibaba occurred after the U.S. government's stern warning. In the letter, Anthropic strongly criticized that Alibaba, as a multinational corporation listed on the New York Stock Exchange (NYSE) with extensive operations in the U.S., "brazenly" ignored the U.S. government's warning and continued to steal, calling this extremely inappropriate. Hit by this negative news, Alibaba's stock price fell about 3% immediately after the news broke.

Calls for antitrust law amendments to prevent China from building a "cyber nuclear weapon"

Facing relentless cloning attacks from Chinese companies, Anthropic calls on the U.S. Congress to immediately take legislative action, proposing three demands: 2. Modify antitrust laws: Allow U.S. AI companies to legally share threat intelligence about Chinese attack tactics (currently restricted by monopoly regulations). 4. Strengthen chip export controls: Further restrict China's access to advanced computing resources, rendering the data obtained through model extraction (distillation) meaningless due to lack of computing power. 6. Punish Chinese labs: Restrict access to U.S. models and advanced chips for violating Chinese institutions, and even prohibit them from using data centers located outside of China. Anthropic sternly warns that if not stopped, these attacks will help China significantly narrow the technology gap, and even allow it to reach capabilities comparable to Anthropic's own cybersecurity model "Mythos Preview" more quickly. Mythos was previously publicly compared to a "cyber nuclear weapon" by Zhou Hongyi, founder of China's 360 Security Technology. Once such a model, possessing strong software engineering capabilities but lacking U.S. safety guardrails, falls into the hands of an adversary, it would pose a devastating threat to U.S. national security.