Seek .(US:SKLTY) Ge Long Hui·2026-02-24 18:00Core Insights - Anthropic reported that three organizations systematically created over 24,000 fraudulent accounts, resulting in more than 16 million interactions with Claude, aimed at extracting model capabilities for their own training and optimization [1][7]. Group 1: Distillation Activities - The three distillation actions exhibited highly similar operational methods, utilizing fake accounts and proxy services for large-scale access to evade platform detection [7]. - Anthropic identified these actions through multiple technical evidences, including IP address associations and request metadata, achieving high-confidence attribution [7]. - The attacks primarily targeted Claude's differentiated capabilities in agentic reasoning, tool usage, and code generation [7]. Group 2: DeepSeek Investigation - In the investigation of DeepSeek, Anthropic confirmed that the scale of operations exceeded 150,000 interactions, focusing on multi-task reasoning and sensitive question rephrasing [8]. - DeepSeek's accounts displayed synchronized traffic patterns and payment methods, resembling a "load balancing" feature to enhance throughput and reduce detection risk [8]. - One identified technique involved prompting Claude to "retrace and write out its internal reasoning process," generating large-scale chain-of-thought training data [8]. Group 3: Moonshot AI and MiniMax - For Moonshot AI, Anthropic disclosed over 3.4 million interactions, concentrating on agentic reasoning, programming, and computer vision capabilities [8]. - Moonshot employed hundreds of fraudulent accounts and mixed various access paths to lower the overall recognizability of their actions [8]. - The largest distillation activity was attributed to MiniMax, with over 13 million interactions, focusing on agentic programming capabilities and tool orchestration [8]. - Anthropic was able to observe the entire process of a distillation attack from data generation to model release, as MiniMax adjusted its strategy shortly after the release of a new model [8]. Group 4: Security Measures - Anthropic stated that the findings have been used to enhance the platform's security and abuse detection mechanisms, although further details on actions taken were not disclosed [9]. - As of the report's publication, DeepSeek, Moonshot AI, and MiniMax had not responded to the situation [9].