China's Regulatory Body Warns Developers to Uninstall Claude Code Over Alleged Backdoor Monitoring
Key Takeaways
- ▸CNVDB identified a monitoring mechanism in Claude Code versions 2.1.91-2.1.196 that allegedly collects user location and identity data and forwards it to remote servers
- ▸Anthropic previously implemented undisclosed anti-distillation code to prevent Chinese competitors from extracting model information, later acknowledging and removing it
- ▸The warning reflects escalating tensions between Anthropic and China over model protection methods, data usage practices, and competitive AI development
Summary
China's National Vulnerability Database (CNVDB), a state-run organization, has issued an official warning urging developers to immediately uninstall or upgrade Claude Code versions 2.1.91 through 2.1.196, claiming they contain "backdoor code" with a built-in monitoring mechanism capable of collecting sensitive user data including location and identity and forwarding it to remote servers. The alert, distributed via WeChat and official statements, recommends comprehensive security reviews and stricter access controls for organizations using the affected versions.
This warning emerges in the context of recent disclosures about Anthropic's own hidden monitoring mechanisms. Anthropic engineer Thariq Shihipar confirmed that the company implemented a covert steganography system starting in March 2025 to prevent model distillation—a technique used by competing AI companies to extract knowledge from more advanced models. While Anthropic claimed the system was removed in version 2.1.198 (July 1), questions remain about transparency and disclosure practices regarding such monitoring.
The controversy reflects escalating geopolitical tensions between Anthropic and China's AI sector, highlighted by disputes with Chinese tech giant Alibaba over alleged unauthorized use of Claude's outputs to improve competitor models. The incident underscores broader concerns about surveillance, competitive practices, and data privacy in the global AI landscape.
- Chinese organizations are urged to implement stricter data access controls and traffic monitoring for development tools



