Chinese Grey Market Sells Claude API Access at 90% Discount Using Stolen Credentials
WASHINGTON — A Chinese grey market operation is selling access to Anthropic’s Claude API at discounts of up to 90% through proxy networks using stolen credentials, Tom’s Hardware reported this week.
The operation relies on so-called “transfer stations” — proxy networks that route API requests through intermediaries — to offer cut-rate access to Claude, the flagship AI model developed by San Francisco-based Anthropic. The scheme involves multiple layers of fraud, including the use of stolen API credentials, model substitution in which cheaper AI models are swapped in for premium ones, and the systematic collection of user data for resale, according to the report.
The grey market operation poses security and intellectual property risks for U.S. businesses and developers who may unknowingly interact with these unauthorized intermediaries. Users who access Claude through these channels face the prospect of having their prompts — which may contain proprietary business information, code, or sensitive data — intercepted, stored, and resold as training data for other AI systems.
Model substitution adds another dimension of risk. Buyers who believe they are accessing Anthropic’s most capable models may instead receive responses from cheaper, less capable alternatives, potentially compromising the quality and reliability of applications built on top of the API.
The report highlights challenges for major AI providers as demand for large language model access outstrips supply in certain markets. China’s restrictions on access to leading Western AI models have created conditions for grey market intermediaries who exploit credential theft and proxy infrastructure to bridge the gap.
Anthropic, which has raised billions in funding and counts Amazon as a major investor, has not publicly commented on the specific grey market operation described in the report. The company has previously emphasized its commitment to safety and responsible deployment of its AI systems.
The scheme highlights broader vulnerabilities in the API-based distribution model that has become standard across the AI industry. API keys, which serve as the primary authentication mechanism for accessing cloud-based AI services, have long been a target for credential theft. Security researchers have repeatedly warned that leaked or stolen API keys can be exploited at scale before providers detect the unauthorized usage.
For enterprise customers, the report raises questions about supply chain security in AI deployments. Organizations that source API access through third-party resellers or unvetted channels may be exposing sensitive data without adequate safeguards.
The grey market activity could implicate U.S. export controls and sanctions regulations, depending on the specific entities involved and the nature of the AI capabilities being resold, legal analysts note. The Commerce Department’s Bureau of Industry and Security has increasingly focused on preventing unauthorized access to advanced AI technology by foreign actors.
The report notes that the sophistication of the transfer station model — combining credential theft, model substitution, and data harvesting into an integrated operation — suggests an organized commercial enterprise rather than opportunistic individual actors.
