China tells devs to ditch Claude Code over 'backdoor code' fears China's National Vulnerability Database (CNVDB) urged developers to uninstall recent versions of Anthropic's Claude Code tool, warning that a built-in monitoring mechanism can collect sensitive user data and forward it to remote servers. The alert covers versions 2.1.91 to 2.1.196, and CNVDB recommended immediate uninstallation or upgrade. The warning follows tensions between Anthropic and China, including a public dispute with Alibaba over alleged misuse of Claude's outputs. China tells devs to ditch Claude Code over 'backdoor code' fears Source: The Register https://www.theregister.com National vulnerability database claims monitoring mechanism can forward Chinese users' data to remote servers China's National Vulnerability Database CNVDB is urging developers to uninstall recent Claude /glossary/claude Code versions over the fear that they can scoop up sensitive user data without consent. Referring to it as "backdoor code," the state-run body claimed over WeChat and in an online statement that a "built-in monitoring mechanism" can gather details such as a user's location and identity, and forward them to remote servers. It said the alert only applies to Claude Code versions 2.1.91 April 2 to 2.1.196 June 29 . "It is recommended that relevant units and users immediately conduct a comprehensive investigation," CNVDB said on Wednesday. "For development terminals with the above-mentioned affected versions installed, immediately uninstall or upgrade to the latest secure version with the relevant backdoor code removed; strengthen the control of external access permissions and traffic monitoring of development tools within core business network segments to prevent the unauthorized transmission of sensitive data." The Register asked Claude maker Anthropic /glossary/anthropic to comment, but it did not immediately respond. Neither did Anthropic answer our questions last week about its covert code designed to prevent competing AI companies from extracting intel about Claude's inner workings. Claude Code engineer Thariq Shihipar stated publicly that Anthropic launched an experiment in March to protect against model distillation /glossary/distillation – a process by which AI companies try to improve their models by training /glossary/training them on the answers of those that are more advanced. "The team has landed stronger mitigations since then and we've actually been meaning to take this down for a while," he said. The secret steganography system was removed in version 2.1.198, released on July 1. We had asked Anthropic whether it disclosed this mechanism in its terms of service documents, but it referred us to Shihipar's statement, which did not address the question. Anthropic's alleged tracking of Chinese users is not the only matter contributing to souring relations between the AI company and China. It was also embroiled in a public spat with Chinese tech giant Alibaba, which it accused of using Claude's outputs to improve Alibaba models. According to a letter to two US senators seen by Reuters, it was the largest attack on Anthropic's AI that the company had ever seen. More recently, Alibaba banned its staff from using Claude over fears it could be used to identify Chinese users, according to the South China Morning Post. ®Get AI news in your inbox Daily digest of what matters in AI. Key Terms Explained Anthropic An AI safety company founded in 2021 by former OpenAI researchers, including Dario and Daniela Amodei. Claude Anthropic's family of AI assistants, including Claude Haiku, Sonnet, and Opus. Distillation A technique where a smaller 'student' model learns to mimic a larger 'teacher' model. Training The process of teaching an AI model by exposing it to data and adjusting its parameters to minimize errors.