Alibaba attacked Anthropic and showed how to steal any AI, including yours
In 44 days, Alibaba made 28.8 million interactions with Claude using 25,000 fake accounts. The goal was to copy what the model knows how to do without paying for development.

But what interests me is not Alibaba. It's what this case reveals about any company that has adopted AI and exposes an interface to the world. You don't need to be Anthropic to be vulnerable. If your company has a chatbot, an internal assistant, or any AI system that answers questions, you have an attack surface that probably no manager is thinking about.

WHAT YOU WILL LEARN
• Distillation: how the capabilities of a model can be extracted by having it answer questions at scale
• System prompt reverse engineering: how the proprietary instructions that shape your assistant's behavior can be inferred from its responses
• RAG extraction: how your knowledge base can be mined through the model's responses
• The three questions any manager should be asking their technology team right now

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

Sources:
CNBC: https://www.cnbc.com/2026/06/24/anthr...
Bloomberg: https://www.bloomberg.com/news/articl...
Reuters: https://www.reuters.com/world/china/a...
Financial Times: https://www.ft.com/content/8496c940-f...
Valor Econômico: https://valor.globo.com/empresas/noti...
The Wall Street Journal: https://www.wsj.com/tech/ai/anthropic...

Presented by Maria Alice Maia, data scientist from UC Berkeley, professor, doctoral candidate and researcher in AI usage behavior and governance at FGV EBAPE, founder of Estudio 68 and Micah 6 AI. micah6ai.com

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

FREQUENTLY ASKED QUESTIONS:

Q: What is an AI distillation attack?
A: Distillation is a method of training a smaller model using the responses of a larger model. When done without permission, via fraudulent accounts, it becomes intellectual property theft. The resulting model learns the capabilities of the original without the attacker incurring the development costs.

Q: What is system prompt reverse engineering?
A: It is the process of systematically asking an AI assistant questions to infer the proprietary instructions that shape its behavior. It is not distillation in the technical sense, but the effect is similar: the competitive advantage embodied in the system prompt can be reconstructed from the responses.

Q: How does RAG extraction work?
A: RAG (Retrieval-Augmented Generation) systems consult proprietary documents in real time to answer questions. An attacker can ask systematic questions to reconstruct the content of those documents from the model's responses, without ever accessing the database directly.

Q: What is the difference between distillation, prompt reverse engineering, and RAG extraction?
A: The attack vector is the same (an exposed interface plus a high volume of interactions), but what is extracted differs. Distillation extracts the model's capabilities. Reverse engineering extracts proprietary instructions. RAG extraction extracts data from the knowledge base. A company can be vulnerable to all three at the same time.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

CHAPTERS
00:00 The case that changes the question
00:53 Introduction
01:16 What happened: the Alibaba attack
04:01 Risk 1 — Distillation
07:03 Risk 2 — Reverse engineering of the system prompt
10:43 Risk 3 — Extraction via RAG
14:26 Friction pause
15:26 What changes in practice
16:58 Framework — 3 questions for your team
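One defender-side check for the pattern the FAQ describes (an exposed interface plus a high volume of interactions, spread over fresh accounts, and systematic sweeping of a RAG knowledge base), as an added Python example that is not part of the video or the presenter's material; the log records, the knowledge-base size and the thresholds are constructed assumptions:

```python
from collections import defaultdict

KB_SIZE = 40  # assumed number of distinct chunks in the RAG knowledge base

def build_sample_log():
    """Constructed request log: (account_id, account_age_days, retrieved chunk ids)."""
    log = []
    # five accounts created two days ago, each sweeping across the whole knowledge base
    for n in range(5):
        for i in range(60):
            log.append((f"new-{n:03d}", 2, {(7 * i + n) % KB_SIZE, (7 * i + n + 1) % KB_SIZE}))
    # one long-standing account asking ordinary questions about a few documents
    for i in range(15):
        log.append(("legit-a", 400, {i % 4, i % 4 + 20}))
    return log

def account_stats(log, kb_size=KB_SIZE):
    """Per account: request count, account age, share of the knowledge base retrieved."""
    requests, chunks, age = defaultdict(int), defaultdict(set), {}
    for account, age_days, retrieved in log:
        requests[account] += 1
        chunks[account] |= set(retrieved)
        age[account] = age_days
    return {a: {"requests": requests[a], "age_days": age[a],
                "coverage": len(chunks[a]) / kb_size} for a in requests}

def flag_extraction(log, max_requests=50, max_coverage=0.5, young_days=7):
    """Accounts whose behaviour looks like systematic extraction, with reasons.
    Volume alone catches distillation-style harvesting; knowledge-base coverage
    catches RAG extraction even when per-account request volume stays moderate."""
    flags = {}
    for account, s in account_stats(log).items():
        reasons = []
        if s["requests"] > max_requests:
            reasons.append("volume")
        if s["coverage"] > max_coverage:
            reasons.append("kb_coverage")
        if reasons and s["age_days"] <= young_days:
            reasons.append("new_account")
        if reasons:
            flags[account] = reasons
    return flags

def looks_coordinated(flags, min_accounts=3):
    """Several freshly created accounts flagged together point to one operator
    spreading the volume across accounts, as in the case described above."""
    return sum("new_account" in r for r in flags.values()) >= min_accounts
```

Running `flag_extraction(build_sample_log())` reports the five young accounts on all three signals and `looks_coordinated` returns True for that set, while the long-standing account with a few documents of interest is not flagged.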
