China tells devs to ditch Claude Code over 'backdoor code' fears

Bender2 pts0 comments

China: Ditch older Claude versions with backdoor code

Jump to main content

Search

REG AD

Security

China tells devs to ditch Claude Code over 'backdoor code' fears

National vulnerability database claims monitoring mechanism can forward Chinese users' data to remote servers

Connor Jones

Connor<br>Jones

Cybersecurity reporter

Published<br>wed 8 Jul 2026 // 14:58 UTC

China's National Vulnerability Database (CNVDB) is urging developers to uninstall recent Claude Code versions over the fear that they can scoop up sensitive user data without consent.<br>Referring to it as "backdoor code," the state-run body claimed over WeChat and in an online statement that a "built-in monitoring mechanism" can gather details such as a user's location and identity, and forward them to remote servers.<br>It said the alert only applies to Claude Code versions 2.1.91 (April 2) to 2.1.196 (June 29). "It is recommended that relevant units and users immediately conduct a comprehensive investigation," CNVDB said on Wednesday.

REG AD

"For development terminals with the above-mentioned affected versions installed, immediately uninstall or upgrade to the latest secure version with the relevant backdoor code removed; strengthen the control of external access permissions and traffic monitoring of development tools within core business network segments to prevent the unauthorized transmission of sensitive data."

REG AD

The Register asked Claude maker Anthropic to comment, but it did not immediately respond.<br>Neither did Anthropic answer our questions last week about its covert code designed to prevent competing AI companies from extracting intel about Claude's inner workings.<br>Claude Code engineer Thariq Shihipar stated publicly that Anthropic launched an experiment in March to protect against model distillation – a process by which AI companies try to improve their models by training them on the answers of those that are more advanced.<br>"The team has landed stronger mitigations since then and we've actually been meaning to take this down for a while," he said. The secret steganography system was removed in version 2.1.198, released on July 1.

MORE CONTEXT

Anthropic is removing its covert code for catching Chinese competitors

Anthropic reserves right to check ID for Claude subs

New humanoid robots from China look like creepy pop star action figures – complete with slightly dodgy lip-synch

China's agentic AI policy wants to keep humans in the loop

We had asked Anthropic whether it disclosed this mechanism in its terms of service documents, but it referred us to Shihipar's statement, which did not address the question.<br>Anthropic's alleged tracking of Chinese users is not the only matter contributing to souring relations between the AI company and China. It was also embroiled in a public spat with Chinese tech giant Alibaba, which it accused of using Claude's outputs to improve Alibaba models.<br>According to a letter to two US senators seen by Reuters, it was the largest attack on Anthropic's AI that the company had ever seen.<br>More recently, Alibaba banned its staff from using Claude over fears it could be used to identify Chinese users, according to the South China Morning Post. ®

security

REG AD

ai and ml

OpenAI job listing suggests ChatGPT could someday replace junior analysts at Goldman Sachs

What, did someone get some bad news during their IPO process or something?

security

GitHub Copilot: Sorry Dave, I can't do that harmful thing - unless you ask me in code

More fun with AI jailbreaks, this time at the workflow level

Put all your data and AI to work and get it out of silos and lakehouses

PARTNER CONTENT: In the agentic era, intelligence has to be where the agents and data are acting, not separated from it.

Virtualization

Allstate Insurance quits Broadcom, alleges vengeful license audit on the way out

CA and VMware both suing insurance giant

networks

Media Over QUIC can scale real-time streaming and carry the world's vids

The low latency of WebRTC, the scalability of DASH, and perhaps no need for CDNs

PERSONAL TECH

AI memory crunch takes a bite out of PC shipments

IDC warns smaller players may struggle as DRAM drought drags on

MOST POPULAR

ai and ml

Even banks and hyperscalers are now sounding the alarm about the AI bubble

Security

Hackers shoveled snow for company, were rewarded with network admin access

OFFBEAT

C programmers commit fresh crimes against readability

AI AND ML

New humanoid robots from China look like creepy pop star action figures – complete with slightly dodgy lip-synch

os platforms

Former Microsoft engineer shrinks Notepad down to size

AI

AI and ML

AI is becoming a bargain hunter's market, with a few luxury models on top

Inference is become a commodity except for frontier models

AI and ML

South Korean chip startup FuriosaAI invades European datacenters

RNGD accelerators land in Equinix's Lisbon DCs

AI and ML

Enterprise AI still smarting from leaping before looking

Majority...

code claude china anthropic from backdoor

Related Articles