The Frontier Labs Unite Against China, and Your Agent Fails Two-Thirds of Real Life

OpenAI, Anthropic, and Google have begun sharing adversarial distillation intelligence through the Frontier Model Forum, the industry nonprofit the three companies founded with Microsoft in 2023. The goal: detect and block Chinese competitors extracting capabilities from frontier US models. Bloomberg reported the collaboration on April 6.

The cooperation traces directly to Anthropic's February disclosure of 16 million Claude exchanges across roughly 24,000 fraudulent accounts attributed to MiniMax (approximately 13 million), Moonshot/Kimi (approximately 3.4 million), and DeepSeek (approximately 150,000). The labs are sharing four categories of intelligence: fraudulent account fingerprints, proxy infrastructure data, hardened signup flows, and chain-of-thought elicitation classifiers. The Frontier Model Forum also published an issue brief on adversarial distillation, distinguishing it from legitimate authorized distillation and mapping common attack methods.

The economics explain the urgency. A frontier model costs roughly $1 billion to train. A successful distillation run costs $100,000 to $200,000. Contract enforcement alone cannot close that gap. For anyone building on frontier APIs, this cooperation may tighten rate limiting, add behavioral analysis to API access, and increase friction for legitimate high-volume users alongside adversarial ones. The question is whether detection improves faster than evasion.

Investment signal: The distillation arms race compresses the window during which frontier API access confers a competitive advantage. Companies building moats around model access alone should watch how quickly defensive measures shift the cost curve for adversaries.

Governance signal: Adversarial distillation erodes safety alignment. Distilled models carry capabilities but weaker use constraints. If distilled models are open-sourced, the original developer's guardrails do not transfer.