China’s National Vulnerability Database (NVDB) has issued a formal warning to users of Anthropic’s Claude Code, highlighting what it describes as "security backdoor vulnerabilities" embedded in the AI-powered coding assistant. The government body advises immediate uninstallation or updating to the latest version, citing concerns over unauthorized data transmission to remote servers.
According to reports from the Wall Street Journal, versions of Claude Code released between April and June 2026 included a hidden monitoring mechanism that could transmit sensitive user information—such as location data and device identifiers—without explicit consent. The disclosure follows an investigation by developer Troye Sivan, who uncovered evidence of covert data exfiltration targeting Chinese users. Anthropic engineer Thariq Shihipar acknowledged the practice in a social media post, explaining that the feature was part of an experimental safeguard designed to "prevent account abuse from unauthorized resellers and protect against model distillation."
China’s Distrust of Foreign AI Models Deepens
The NVDB’s warning arrives amid escalating tensions between Beijing and foreign AI developers, particularly those based in the United States. Anthropic has previously accused Chinese AI labs of engaging in industrial-scale model distillation—a process where proprietary AI systems are reverse-engineered to create smaller, derivative versions. In June 2026, the company alleged that Alibaba had illicitly distilled its models using 25,000 fraudulent accounts and 28.8 million API exchanges. Earlier in the year, Anthropic also accused DeepSeek of similar activities, claiming the company used 24,000 fake accounts to train competing models.
Beyond distillation concerns, reports have emerged of Claude Code’s API access being resold on Chinese grey markets at steep discounts—up to 90% off retail prices—through proxy networks that harvest user data. These parallel markets further complicate efforts to regulate AI tool usage in the region, as developers bypass official distribution channels to gain access.
Anthropic Responds with Transparency Measures
In response to the scrutiny, Anthropic has pledged to roll back the experimental monitoring mechanism, with Shihipar stating that the feature would no longer operate in "hidden" mode and would instead be clearly disclosed in future updates. The company’s decision follows an earlier acknowledgment that the tracking system was part of a short-term experiment launched in June 2026. While the latest version of Claude Code is expected to include more transparent data handling practices, the damage to trust among Chinese users and regulators may already be done.
China’s cybersecurity agency has not banned Claude Code outright, but the lack of formal approval for its public use—despite undergoing regulatory review—creates a legal gray area. Anthropic’s decision to restrict access to its tools in China due to national security concerns has further strained relations. Despite these barriers, Chinese developers continue to find workarounds, accessing the platform through unofficial channels.
With AI governance tightening globally, the episode underscores the fragility of cross-border trust in emerging technologies. As governments grapple with balancing innovation and security, users and developers alike must navigate an increasingly complex regulatory landscape where transparency and compliance are no longer optional.
The next iteration of Claude Code may introduce stricter data controls, but the incident serves as a reminder that even well-intentioned experiments can erode confidence when conducted without full transparency.
AI summary
Çin’in yapay zeka güvenlik kurumu, Anthropic’in Claude Code aracında gizli izleme sistemleri bulunduğunu iddia etti. Peki bu sistemler neleri kaydediyor ve geliştirici firma nasıl yanıt verdi?



