China warns of “security backdoor” in Anthropic AI coding tool
China Flags "Security Backdoor" in Anthropic AI Coding Tool
China warns of security backdoor in Anthropic - China has raised alarms about a potential "security backdoor" in Anthropic’s AI coding tool, Claude Code, following an investigation by the National Vulnerability Database (NVDB). This cybersecurity platform, operated by China’s Ministry of Industry and Information Technology, issued a formal warning on Wednesday, emphasizing that the tool might inadvertently share sensitive information—such as user locations and identity-related data—back to Anthropic's servers without explicit user consent. The discovery has sparked concerns about data privacy and national security, particularly as the tool is increasingly adopted by developers and businesses in China.
Understanding the Backdoor and Its Implications
The "security backdoor" in question refers to a hidden pathway within the tool's code that could allow unauthorized access to user data. According to the NVDB, this feature might be activated without users realizing, enabling Anthropic to collect information even from those who accessed the tool through virtual private networks (VPNs) or third-party proxy services. While Anthropic has imposed restrictions on users in China and other adversarial nations, the tool remains accessible via these alternative methods, raising questions about its effectiveness in safeguarding sensitive data.
Analysts have pointed out that the backdoor could be a deliberate design choice or an oversight in the tool's development. The NVDB’s report suggests that the feature might be linked to Anthropic’s efforts to prevent account abuse by unauthorized resellers and to combat model distillation, a process where AI models are reverse-engineered to replicate their capabilities. This dual-purpose design has led to speculation that the backdoor could serve both as a security measure and a potential data leakage risk.
China’s Response and Industry Reactions
In response to the warning, Chinese tech companies have taken proactive measures to mitigate risks. Alibaba, for instance, recently banned the use of Claude Code among its employees, effective July 10, citing security concerns. This decision follows reports in specialist tech media that highlighted the potential for the tool to compromise data integrity. Alibaba had previously faced criticism for distilling Anthropic's models to mimic their functions, and the new ban underscores the company’s commitment to addressing emerging threats in AI technology.
The NVDB has urged institutions and individuals to conduct thorough audits of their systems and either uninstall the tool or upgrade to a secure version that eliminates the backdoor code. Additionally, they recommend enhancing network traffic monitoring to detect and block unauthorized data transmissions. These steps aim to prevent data leaks that could be exploited by foreign entities or malicious actors. The warning has also prompted discussions about the need for stricter regulations on AI tools operating within China’s borders.
"This was an experiment we launched in March to prevent account abuse by unauthorized resellers and protect against distillation," stated Thariq Shihipar, a Claude Code engineer, in an X post. "The team has since implemented stronger safeguards and we’ve been planning to remove this feature for some time. It should be fully rolled back in tomorrow’s update."
Shihipar’s statement clarifies that the backdoor was not a permanent feature but a temporary measure. However, its presence has already sparked debates about the balance between innovation and security in AI development. Critics argue that even a short-term backdoor could be exploited if not properly addressed, especially in a globalized tech environment where data flows across borders.
As China continues to prioritize data sovereignty, the issue highlights the growing scrutiny of AI tools used in critical sectors. The country has been actively developing its own AI technologies, such as the large language models developed by companies like Tencent and Baidu, to reduce reliance on foreign systems. The security backdoor in Claude Code, therefore, has become a focal point for policymakers and cybersecurity experts who are monitoring how international AI platforms might affect national data control. This incident could influence future decisions about the adoption of AI tools in China’s tech ecosystem.