Anthropic Accuses Alibaba of Orchestrating Largest Known Claude Cloning Campaign
WASHINGTON, D.C. — In a confidential letter obtained by reporters, AI safety laboratory Anthropic has formally accused Chinese e-commerce and technology conglomerate Alibaba of executing the largest, most aggressive model cloning campaign ever recorded. The disclosure surfaces amid escalating geopolitical friction, with Chinese labs racing to replicate Western frontier intelligence following the U.S. government's recent total export blackout of Anthropic’s flagship Claude Mythos system.
The detailed alert, dated June 10, was delivered to U.S. Senators Tim Scott (R-SC) and Elizabeth Warren (D-Mass.) just twenty-four hours before a Senate Intelligence Committee hearing on American AI competitiveness.
The Anatomy of a 28-Million-Query Extraction Campaign
According to Anthropic's forensic telemetry, operators directly affiliated with Alibaba and its flagship AI division, Alibaba Qwen, targeted the Claude platform in a massive "distillation attack" between April 22 and June 5. Distillation involves training a cheaper, less capable native model on the highly optimized reasoning outputs of a premium competitor, allowing rivals to effectively bypass hundreds of millions of dollars in primary R&D costs.
The scale of the alleged data harvest is unprecedented:
- Massive Account Spoofing: Alibaba allegedly generated and deployed nearly 25,000 fraudulent user accounts.
- High-Volume Exfiltration: The network initiated more than 28.8 million targeted exchanges with Claude.
- Capabilities Targeted: Rather than harvesting general conversational data, the automated queries explicitly mined Claude's most valuable proprietary behaviors—specifically its advanced agentic reasoning, software engineering capabilities, and multi-step long-horizon problem-solving execution.
Anthropic noted that Alibaba systematically evaded automated infrastructure defense blocks by routing traffic through dense proxy networks and advanced behavioral obfuscation techniques. The company warned lawmakers that a highly organized "circumvention economy" is rapidly scaling up to help foreign entities bypass API security guardrails.
Defying Washington Warnings
The timing of the alleged attack puts Alibaba in direct crosshairs with the White House. In April, the Trump administration accused Beijing of "industrial-scale" intellectual property theft after Anthropic exposed smaller Chinese labs—including DeepSeek, Moonshot AI, and MiniMax—running identical distillation scripts. In those earlier instances, MiniMax had mined roughly 13 million exchanges, making Alibaba's newly uncovered campaign more than double the size of any prior threat.
Crucially, Anthropic stressed that Alibaba "brazenly" ignored executive warnings despite its heavy exposure to Western capital:
“Alibaba is listed on the New York Stock Exchange, maintains business operations in the United States, and is accountable to US investors and regulators. Yet this activity unfolded in the weeks after memo warned that cloning attempts were ‘unacceptable.’”
Alibaba is already fighting separate friction with Washington. The company filed a federal lawsuit on Tuesday contesting a Pentagon decision to blacklist it as a Chinese military-affiliated company. Alibaba claims the designation has "no basis in fact or law," maintaining that its infrastructure is built exclusively for retail, commercial logistics, and enterprise cloud applications.
Anthropic's Proposed Legislative Countermeasures
To maintain American AI dominance and prevent China from achieving immediate Mythos-level capabilities, Anthropic urged Congress to pass aggressive, structural legislation built around three distinct pillars:
- Antitrust Exceptions: Modernize antitrust regulations so competing domestic AI labs can legally share real-time threat intelligence regarding evolving Chinese distillation tactics.
- Choke-Point Compute Sanctions: Tighten hardware export controls on high-end silicon to prevent Chinese entities from having the local compute power required to train on stolen U.S. model outputs.
- Financial and Operational Penalties: Codify strict legal penalties for labs engaging in systematic model extraction, including cutting off their access to U.S. clouds, international third-party data centers, and Western capital markets.
The urgency of the situation was echoed by prominent Chinese tech leaders. At a security conference in Beijing, 360 Security Technology founder Zhou Hongyi warned that Anthropic’s unreleased Mythos framework behaves like a "cyber nuclear weapon" due to its ability to automatically uncover vulnerabilities. Zhou openly lamented that Project Glasswing—the restricted alliance granting U.S. defense groups access to Mythos Preview—leaves China entirely defenseless unless domestic labs successfully duplicate the technology.
Following the public release of Anthropic's Senate letter, Alibaba’s stock tumbled 3% on Yahoo Finance, underlining the severe market volatility facing cross-border enterprise infrastructure.
Source & References
- Primary Coverage: Anthropic claims Alibaba defied Trump to attack Claude and steal capabilities — Ars Technica / Ashley Belanger
Relying on single-vendor APIs leaves your software stack exposed to rapid compliance shifts, legal battles, and sudden regional service blackouts. Secure your application architecture by visiting the ChooseAIModel Directory to evaluate resilient open-weight alternatives and diversified cloud routing paths. To insulate your production workflows from localized model shutdowns, use our free Cost Simulator to seamlessly map a secure, multi-provider infrastructure fallback loop.