Alibaba is said to be getting ready to ban the use of Anthropic’s Claude Code in its own systems starting July 10. This choice follows claims that the AI coding helper has a hidden detection method that acts like a backdoor.
The news, first reported by the Chinese financial outlet Yicai and later confirmed by Reuters, has not been officially acknowledged by Alibaba. It shows the rising tensions between big AI companies due to worries about model safety, data theft, and gathering information about rivals.
Claude Code, Anthropic’s tool for coding, has quickly become popular with business developers. It helps create, fix, and improve code right in terminal settings.
Its increasing presence in businesses makes the supposed security worries very important, especially for big companies like Alibaba that handle large cloud and AI systems.
This ban comes at a time when Anthropic and Alibaba have both made claims against each other about model distillation and taking data without permission.
The controversy began with a June 30 Reddit post by a user named “LegitMichel777,” who claimed to have reverse-engineered Claude Code while trying to restore a disabled remote control feature.
Versions of Claude Code since 2.1.91 (released on April 2) are said to have hidden rules that check system settings, based on technical analysis shared by the user and summarized by many security news sources.
The tool checks if a user’s proxy settings or system timezone match items in two hidden lists linked to Chinese companies and AI research groups, like Alibaba, Baidu, ByteDance, and Moonshot AI.
The system does not send telemetry directly. Instead, it changes detection results by slightly adjusting internal prompts, changing date styles, and swapping punctuation marks.
If validated, this could represent a new form of covert environmental fingerprinting designed to evade traditional detection methods while enabling behavioral tracking or policy enforcement.
Anthropic has not made a public statement about these claims. But, a member of the Claude Code development team said on social media that the feature is meant to stop abuse by finding account reselling and big attempts to copy the model.
The developer indicated that this functionality would be removed in an upcoming release, with reports suggesting remediation efforts were already underway as of July 1. Based on this timeline, the feature may have been active for approximately three months.
In a letter on June 10 to U.S. lawmakers, Anthropic said that groups tied to Alibaba’s Qwen AI created a big scheme with about 25,000 fake accounts, leading to over 28 million interactions with Claude models in six weeks. Alibaba has not said anything publicly about these claims.
Despite many talks, no outside security check has confirmed the claimed backdoor’s presence or purpose. The lack of official comments from both companies leaves big questions unanswered about whether the tool is a security risk, a defensive measure against fraud, or just a misunderstood feature.
If it happens, Alibaba’s ban would be one of the first major rules against suspected hidden features in an AI coding tool. This could change how companies trust AI development tools.
InfoSecBulletin Cybersecurity for mankind
