Chinese government agencies have announced that Claude Code contains a backdoor.

The Chinese government's National Information Security Vulnerability Database (CNNVD) has announced that a 'security backdoor vulnerability' has been found in Anthropic's AI coding tool, 'Claude Code.'
China Says It Has Found Security Vulnerabilities in Anthropic's Claude Code - WSJ
China alleges that Claude Code contains backdoors, calls mechanism 'a serious threat' — Gov't claims Claude sends sensitive information to remote servers without consent | Tom's Hardware
https://www.tomshardware.com/tech-industry/artificial-intelligence/china-alleges-that-claude-code-contains-backdoors-calls-mechanism-a-serious-threat-govt-claims-claude-sends-sensitive-information-to-remote-servers-without-consent
CNNVD pointed out that versions of Claude Code released between April and June 2026 'may transmit location and personal information to remote servers without user consent through a monitoring mechanism.' In addition, it warned that 'such a mechanism could be a serious threat' and advised users to uninstall the software or update to the latest version.
Immediately before this announcement, a series of investigations were published revealing that certain versions of Claude Code contained code designed to identify users accessing it from China.
According to Reddit user LegitMichel777, Claude Code version 2.9.1, released on April 2, 2026, has been embedded with obfuscated code that retrieves information about whether a user is in China, whether they are using a proxy connection to a Chinese URL, and whether they have an AI research institute or study group in China, and then sends this retrieved information externally.
Independent developer Thereallo also made a similar point, stating that Claude Code was obtaining the user's connection path.
Claude Code was reportedly recording users' connection paths by 'changing the date format,' using a mechanism to distinguish between different formats such as '2026-06-30' and '2026/06-30' - GIGAZINE

Tariq Sihiper, an engineer at Anthropic, has confirmed the information regarding this matter. Sihiper explained, 'This was an experiment that we started in March (2026) with the aim of preventing unauthorized resellers from abusing accounts and protecting against distillation. The team has since implemented stronger measures. We have been planning to end the experiment for some time now. We have merged the PR, so it should be fully rolled back in tomorrow's release (July 2, 2026).' However, he has been criticized for this, with some saying it is 'still espionage' and 'just an excuse.'
Hi, this is an experiment we launched in March that was meant to prevent account abuse from unauthorized resellers and protect against distillation.
— Thariq (@trq212) June 30, 2026
The team has landed stronger mitigations since then and we've actually been meaning to take this down for a while. We merged the…
Following the investigation results, Chinese giant Alibaba has banned the use of Claude Code internally due to security risks.
Alibaba bans employees from using Claude Code due to security risk concerns - GIGAZINE

Furthermore, Anthropic's services are not approved for general use in China, and Anthropic restricts access to Claude in China for national security reasons.
CNNVD has previously identified and published more than 20 vulnerabilities in Claude Code.

Related Posts:






