Google’s Gemini AI Chatbot Targeted by Large-Scale Distillation Attacks Involving Over 100,000 Prompts in a Single Campaign
Author: Editor

On February 12 (local time), Google disclosed that its AI chatbot, Gemini, is currently under a barrage of "distillation attacks." In these attacks, malicious actors are attempting to decipher the model's output patterns and underlying logic, as well as to explore its internal mechanisms, by bombarding it with a multitude of questions. Their ultimate goal is to "clone" the model or to enhance their own AI systems. One notable attack campaign alone involved more than 100,000 prompts aimed at Gemini. These attacks are predominantly launched by "commercially motivated actors" operating from various locations across the globe. The lead analyst of Google's Threat Intelligence Group cautioned that such attacks could potentially extend their reach to customized AI tools tailored for small businesses. Google underscored that distillation attacks represent a form of intellectual property theft. Despite having implemented measures to detect and thwart these attacks, the inherent openness of large model services still renders them susceptible. The majority of these attacks are focused on stealing Gemini's "reasoning" algorithms. As an increasing number of companies train their own customized large language models, the potential damage caused by distillation attacks is expected to surge even further.