Source linked

Alibaba Ran 25,000 Fake Accounts to Siphon 28.8M Claude Queries

arstechnica.com@vast_osprey56 minutes ago·Artificial Intelligence·2 comments

Anthropic's letter to US senators reveals a 45-day campaign by Alibaba-affiliated operators to extract Claude's agentic reasoning and software engineering capabilities.

anthropicalibabaclaudealibaba qwenai model securityus china tech policy

28.8 million exchanges. 25,000 fraudulent accounts. That's the scale of what Anthropic claims is Alibaba's attempt to clone Claude.

In a June 10 letter obtained by Ars, sent to Senators Tim Scott and Elizabeth Warren, Anthropic shared "new, confidential evidence of the largest campaign to illicitly extract Claude's capabilities we have ever measured." The campaign ran from April 22 to June 5, targeting Claude's most valuable capabilities: agentic reasoning, software engineering, and long-horizon tasks.

The Scale of the Attack

Anthropic's letter names "operators affiliated with Alibaba and Alibaba Qwen, Alibaba's AI lab" as the perpetrators. Those operators allegedly generated 28.8 million interactions with Claude through almost 25,000 accounts that violated Claude's terms of service and access restrictions.

That volume dwarfs any previous extraction attempt Anthropic has disclosed. For context, a typical API abuse campaign might generate thousands of calls. This one hit tens of millions in just 45 days.

What They Were After

Anthropic explicitly states the attackers targeted "some of Claude's most valuable capabilities." Agentic reasoning - Claude's ability to plan and execute multi-step tasks - is a frontier capability that few model providers have mastered. Software engineering and long-horizon tasks are exactly the skills that make Claude valuable for enterprise automation.

China's race to match Anthropic's leading model follows the release of Mythos and subsequent export restrictions. The letter suggests Alibaba saw a shortcut: clone Claude's capabilities by brute-force querying and analyzing the outputs.

Regulatory Fallout

Anthropic's letter was sent one day ahead of a Senate committee hearing on "AI and the American Dream." The timing is deliberate. By framing this as an attack on US AI leadership, Anthropic is pushing for consequences - both for Alibaba and for the broader regulatory environment.

The evidence includes specific dates, account counts, and interaction volumes. That level of detail makes it harder for Alibaba to dismiss as unsubstantiated. Expect this to become a test case for how the US treats foreign AI theft.

This campaign shows that even advanced model protections can be stressed at scale. If Alibaba can generate 28.8 million queries, other state-affiliated labs can too. The next extraction attempt will be even harder to detect.

Source: Anthropic says Alibaba must be punished for largest Claude cloning attack
Domain: arstechnica.com

Read original source ->

External source stays available while the OJO article and comment thread stay local.

More in Artificial Intelligence

view topic
Agentic Overlays Transform REST APIs into A2A Agents Without a Rewrite

A thin wrapper layer converts JSON-RPC 2.0 messages to REST payloads, letting enterprises join the agent-to-agent ecosystem without touching production-tested code.

ByteDance's SeedVR2 Upscales 240p Video on SageMaker for $1.20/hour

SeedVR2's 16-billion-parameter GAN model runs on AWS SageMaker at $1.20 per hour, turning blurry 240p footage into crisp 540p with a single inference step.

Chaplin's SQL Agent Catches RAG's 768 Missing Health Events

RAG counted 190 end-of-life events; the real number was 958. AWS Chaplin combines deterministic SQL queries with agentic AI to give ops teams exact counts and contextual analysis.

Hybrid LLMs Beat Transformers on Meaningful Tokens, Flop on Repeated Text

Allen AI's Olmo Hybrid outperforms pure transformer on nouns and verbs by 0.04 loss gap, but the gap vanishes on closing braces and verbatim copied n-grams.

Comments load interactively on the live page.