Key Takeaways:
- Beijing flags security risks in Anthropic Claude Code, the AI programming tool.
- The government warns that the tool may leak sensitive user data abroad.
- Anthropic describes the mechanism as an experimental measure against service abuse.
China’s cybersecurity regulator has issued a formal warning regarding Anthropic’s Claude Code, alleging the AI programming tool contains a “security backdoor” that could transmit sensitive user information to foreign servers.
Beijing Issues Cybersecurity Alert
The National Vulnerability Database (NVDB), a platform operated by the Ministry of Industry and Information Technology, stated on Wednesday that it identified a built-in monitoring mechanism in several versions of the software.
According to the agency, this mechanism potentially exposes user locations and identity identifiers to remote servers without explicit consent, posing what it labeled a “severe threat.”
The alert specifically identifies Anthropic Claude Code versions 2.1.91 through 2.1.196 of the coding assistant. The NVDB has urged institutions and individual users to immediately inspect their systems, uninstall the flagged versions, or upgrade to the latest secure software build.
Anthropic Defends Mechanism as Anti-Abuse Measure
Anthropic, a U.S.-based artificial intelligence firm, maintains that the software mechanism in Anthropic Claude Code is an experimental feature designed to prevent account abuse and protect its proprietary models from distillation, a process where smaller models are trained using outputs from larger ones.
“This is an experiment we launched in March intended to prevent account abuse from unauthorized resellers and protect against distillation,” Anthropic engineer Thariq Shihipar wrote in a recent social media post. Company representatives added that the feature was meant to detect if requests were routed through regions where the service is restricted.
The company has faced ongoing tensions with Chinese technology firms over intellectual property. Last month, Anthropic accused the Chinese e-commerce and tech giant Alibaba of orchestrating an industrial-scale campaign to extract its AI capabilities, a charge Alibaba has not publicly addressed in detail.
Cross-Border Tech Standoff Intensifies
The security alert surrounding Anthropic Claude Code has triggered a swift reaction within China’s technology sector. Sources familiar with the matter report that Alibaba recently instructed its employees to cease using Claude Code by July 10, directing its workforce to transition to the company’s internal coding assistant, Qoder.
Industry analysts observe that this dispute involving Anthropic Claude Code highlights the deepening rift between U.S. and Chinese artificial intelligence development. As both nations categorize frontier AI models as critical national security assets, the ability for researchers to access cross-border tools is increasingly under threat.
“This is part of a broader effort to prevent security risks brought by AI agents and improve industry supervision,” said Liu Gang, chief economist at the Chinese Institute of New Generation Artificial Intelligence Development Strategies. Regulatory bodies in both countries continue to tighten oversight on third-party tools, viewing them as potential vectors for both cyberespionage and unauthorized data exfiltration.
Visit more of our news! CyberPro Magazine




