Alibaba to Ban Claude Code Over Alleged Backdoor Risks
Alibaba will reportedly prohibit the use of Anthropic’s Claude Code across its internal workplace environments beginning July 10, following allegations that the AI coding assistant contains a covert detection mechanism resembling backdoor-like behavior.
The decision, first reported by Yicai and later confirmed by Reuters through a source familiar with the matter, arrives amid escalating tensions between the two companies over model distillation practices and AI security standards.
Alibaba has not publicly confirmed the restriction or responded to media inquiries, but the move underscores growing enterprise unease about the security posture of AI-powered developer tools, particularly those with deep access to internal codebases and infrastructure.
Alibaba to Ban Claude Code
Claude Code, a command-line-based coding assistant built to help developers write and debug software, has seen rapid enterprise adoption, making any security concern especially consequential.
The allegations trace back to a June 30 Reddit post by a user identified as “LegitMichel777,” who claimed to have reverse-engineered Claude Code’s behavior.
According to this technical analysis, versions since 2.1.91 (released April 2) reportedly evaluated user proxy settings and system time zones against internally embedded lists.
These lists allegedly contained identifiers tied to Chinese corporate networks, AI labs, and cloud infrastructure providers, including Alibaba, Baidu, ByteDance, and Moonshot AI.
Upon detecting a match, the tool reportedly avoided explicit telemetry transmission. Instead, it subtly altered elements of its system prompt, such as date formatting or punctuation, to encode a detection signal, an approach resembling covert watermarking or anti-fraud fingerprinting techniques.
While such mechanisms could plausibly serve anti-abuse purposes, the lack of disclosure and the targeted nature of the detection logic have fueled concerns about transparency and potential misuse. Anthropic has not issued an official security advisory addressing the issue.
However, a member of Anthropic’s Claude Code team reportedly stated on social media that the mechanism was designed to prevent account abuse and large-scale model distillation, and that the feature would be removed in a future update.
Reports indicate remediation efforts were already underway by July 1, suggesting the mechanism may have remained active for nearly three months before being addressed.
No independent cybersecurity firm has yet published a full technical audit to verify these claims or assess the associated risk exposure. This controversy follows earlier accusations from Anthropic against Alibaba’s Qwen AI division.
In a June 10 letter to U.S. lawmakers, Anthropic alleged that operators linked to Alibaba conducted a massive distillation campaign involving approximately 25,000 accounts and over 28 million interactions with Claude models, an operation described as the largest known attempt to extract model capabilities, surpassing prior incidents attributed to other AI firms.
Reuters noted that Alibaba has not publicly addressed these distillation allegations either. Alibaba’s reported ban reflects intensifying scrutiny of AI-assisted development tools, particularly around hidden functionality, undisclosed telemetry, and data exposure risks.
If enforced, the restriction could establish a precedent for how enterprises vet and govern AI coding assistants going forward, especially as disputes over distillation and covert detection mechanisms increasingly intersect with geopolitical AI competition.
No Comment! Be the first one.