Anthropic and China Clash Over Reported Security Risks in Claude Code

Latest versions of Anthropic’s AI coding tool are backdoored to access data, the Chinese government claims. Anthropic says Chinese users shouldn't be accessing Claude anyway.

Published on Jul 10, 2026
Akshaya Asokan Written by Akshaya Asokan
Anthropic and China Clash Over Reported Security Risks In Claude Code

The Chinese government has urged developers to stop using recent versions of Anthropic’s AI coding model, Claude Code, days after reports claiming the company used spyware-like trackers to monitor Chinese users and access their data.

In an alert issued on Wednesday, the Chinese Ministry of Industry and Information Technology’s Network Security Threat and Vulnerability Information Sharing Platform, said the Claude models from 2.1.91 to 2.1.196 have a “security backdoor hidden” and that the platform is “seriously harmful.”

The ministry added the built-in mechanism backdoor allows the app to monitor and transfer data related to users’ geography and identity without consent. The ministry urged users to “immediately uninstall” affected versions or update to a secure release.

Anthropic on Thursday criticized the Chinese government’s action, noting that Chinese users have never been able to officially use its AI services and that the hidden code was simply used to stop unauthorized usage. The actions from the ministry come just days after a security expert claimed Anthropic used spyware-like trackers on Chinese users. The researcher, who goes by the moniker “Thereallo,” said the company deployed “prompt steganography” to hide code in plain sight, and that it covertly sent user data.

Anthropic has now removed this tracker, which it says was deployed as an “experiment” put in place to prevent abuse from unauthorized resellers and protect against distillation, where a rival trains a smaller model on a larger one’s outputs to replicate its capabilities. 

Anthropic has never launched in China, citing national security concerns. Despite this, Chinese users have been known to access Anthropic platforms through virtual private networks or third-party proxies.

Prior to the ministry warning, Chinese e-commerce giant Alibaba also banned Claude Code beginning from July 10, over security concerns. In June, Anthropic accused the Chinese company of attempting to clone Claude. Anthropic has raised similar concerns against other Chinese apps such as DeepSeek, Moonshot, and MiniMax.

These events mark heightened tensions between Chinese and American AI companies over market dominance. Chinese AI companies such as the newly released Zhipu AI’s GLM-5.2 and DeepSeek R1 have ranked highly among capabilities, announcements of which have sent shockwaves across the US AI stock market.

This field is for validation purposes and should be left unchanged.

FREE NEWSLETTER

Cyber Weekly

Get curated cybersecurity news, threats and insights delivered free every Thursday.

Written By Written By
Akshaya Asokan
Akshaya Asokan Freelance Journalist

Akshaya Asokan is a U.K.-based cybersecurity and technology journalist with experience covering nation‑state hacking operations, cyber and tech policy, and emerging cybercrime trends. She previously served as the senior European cybersecurity correspondent for Information Security Media Group’s Global News Desk. Before that, she reported on IT developments for IDG Media and covered artificial intelligence and machine learning for Analytics India Magazine. Earlier in her career, she wrote on sexual and religious minority rights as a reporter for The New Indian Express.