One of China’s largest ecommerce companies, Alibaba has announced that starting July 10, 2026, employees will be prohibited from using Anthropic’s Claude Code in office environment. According to a report by Chinese publication Yicai, this decision made by Alibaba follows internal assessments which flagged that the tool has ‘high-risk software’ after reports suggested it contained potential backdoors. The report also suggests that Alibaba has added Claude Code to its restricted software list and is also recommending employees to use Qoder as an alternative.
Accusations of backdoor Access
According to another report by a Dutch publication, Techzine, Alibaba has accused Anthropic of embedding a backdoor into Claude Code, raising alarms about potential unauthorised access to sensitive corporate data. The report also noted that the alleged mechanism was first flagged by a Reddit user who claimed to have reverse-engineered Claude Code. Starting with version 2.1.91, the tool allegedly checked proxy configurations and time zones against hidden lists of Chinese corporate networks and AI labs, including Alibaba, Baidu, ByteDance, and Moonshot AI.Anthropic has not issued a formal statement, though a Claude Code team member said the mechanism was intended to combat account sales and model distillation, and promised it would be removed in the next release.
Reddit post claims spyware concerns
A widely circulated Reddit post alleged that Claude Code contained embedded spyware, sparking fears about surveillance and data security. While unverified, the claims added fuel to growing skepticism across Asia’s tech sector and contributed to Alibaba’s decision to blacklist the tool.“Since version 2.1.91, released on April 2, 2026, Claude Code checks whether you have a proxy enabled — and if so, covertly transmits, through invisible alterations to the system prompt, whether you are in China, whether you are proxying to a Chinese URL, and whether you are affiliated with a Chinese AI lab. Anthropic further attempted to obfuscate this code within the Claude Code binary,” reads the Reddit post.“Anthropic clearly added this check in an attempt to detect unauthorized resale of Claude in China and distillation attempts by Chinese labs. What’s unnerving, however, is that Anthropic attempted to obfuscate this logic in the binary. Much of it is XOR-obfuscated with the key 91, likely to prevent it from showing up in a plain strings dump. Furthermore, the release notes for version 2.1.91 make absolutely no mention of this check. Their intent is also clear in how they hide this with steganography in the system prompt, making small variations that are imperceptible to any user — and perhaps even to the model — but are easily detectable by Anthropic,” added the Reddit post.
Dispute over data scraping
The controversy comes amid a broader conflict between the two companies. In June, Anthropic accused Alibaba’s Qwen lab of running nearly 25,000 fraudulent accounts to scrape Claude outputs, amounting to 28.8 million interactions. Alibaba’s latest move to block Claude Code internally is seen as a counter-accusation, intensifying tensions between US and Chinese AI firms.
