Krux
February 24, 2026
DeepSeek, Moonshot, MiniMax Used 24,000 Fake Accounts to Clone Claude
Published: February 24, 2026 at 1:04 AM
Updated: February 24, 2026 at 1:04 AM
100-word summary
Anthropic reported that three Chinese AI labs ran model-distillation campaigns using over 16 million Claude interactions through roughly 24,000 fraudulent accounts to steal capabilities. DeepSeek targeted reasoning and censorship rewrites; Moonshot focused on agentic tasks and coding; MiniMax pursued tool orchestration. When Anthropic released a new model mid-campaign, operators pivoted within 24 hours and redirected nearly half their traffic to capture the latest system. The attacks highlight how competitor models can be rapidly replicated through illicit extraction, potentially bypassing export controls and weakening safety guardrails at scale. Implementation takeaway: deploy distillation-detection telemetry to flag high-volume, repetitive API prompts this quarter.
What happened
Anthropic reported that three Chinese AI labs ran model-distillation campaigns using over 16 million Claude interactions through roughly 24,000 fraudulent accounts to steal capabilities. DeepSeek targeted reasoning and censorship rewrites; Moonshot focused on agentic tasks and coding; MiniMax pursued tool orchestration. When Anthropic released a new model mid-campaign, operators pivoted within 24 hours and redirected nearly half their traffic to capture the latest system. The attacks highlight how competitor models can be rapidly replicated through illicit extraction, potentially bypassing export controls and weakening safety guardrails at scale.
Why it matters
Implementation takeaway: deploy distillation-detection telemetry to flag high-volume, repetitive API prompts this quarter.