Suspicious Behavior Detected
Alibaba is reportedly preparing to prohibit the use of Anthropic’s Claude Code, an AI coding assistant, within its corporate networks starting July 10, 2026. The decision stems from allegations that the tool contains hidden mechanisms capable of identifying specific network environments. A Reddit user named LegitMichel777 claimed to have reverse engineered Claude Code and found that versions 2.1.91 and later performed silent checks on proxy settings and system time zones. These checks were then compared against internal lists linked to Chinese companies such as Alibaba, Baidu, and ByteDance.
Covert Encoding Method
Rather than sending obvious telemetry data, the tool allegedly encoded its findings by subtly altering internal system prompts. This included changing date formats or swapping punctuation, creating a hidden signaling channel that could evade standard detection tools. Anthropic has not officially commented on the allegations, but a team member stated on social media that the feature was intended to prevent account abuse and model distillation. The company indicated plans to remove the mechanism in a future update, with remediation reportedly starting around July 1.
Broader Implications
This controversy follows previous tensions between Alibaba and Anthropic. In June, Anthropic accused Alibaba’s Qwen AI lab of large scale model distillation, allegedly using nearly 25,000 accounts to extract AI capabilities. Security experts caution that no independent third party has verified the backdoor claims, leaving the possibility that the feature was a defensive measure or an unintended privacy risk. If Alibaba proceeds with the ban, it could set a precedent for other enterprises to scrutinize AI coding tools for covert behavior, especially in sensitive environments. Both companies now face increasing demands for greater transparency and independent audits.
Source: Cyber Security News
