Home Tech China Warns of Security Risks in Anthropic’s Claude Code: What You Need...

China Warns of Security Risks in Anthropic’s Claude Code: What You Need to Know

0

Chinese authorities have issued a warning about potential security backdoors in Claude Code, an artificial intelligence (AI) development tool created by the American AI company Anthropic.

On Wednesday, China’s Network Security Threat and Vulnerability Information Sharing Platform (NVDB), under the Ministry of Industry and Information Technology, released a notice stating that their monitoring had uncovered serious security concerns in the AI tool Claude Code.

Officials explained that Claude Code can autonomously perform tasks like code writing and recovery upon request. However, its monitoring features could potentially transmit users’ location, idenification (ID), and other sensitive data to remote servers without explicit consent.

The affected versions of Claude Code were identified as ranging from 2.1.91 to 2.1.196.

The authorities have urged relevant organizations and users to conduct immediate and thorough investigations. They recommend either removing devices running the affected versions or upgrading to the latest secure version that has addressed the backdoor issue.

They emphasized the need to bolster external permission controls and traffic monitoring for development tools in critical operational areas to prevent unauthorized transmission of sensitive information.

Prior to this, Alibaba had announced a company-wide ban on the use of Claude Code.

Major Chinese tech firms like Alibaba have been actively promoting AI technology use among their employees, reportedly covering the costs for external models such as Claude, ChatGPT, and Gemini.

In a related development, Anthropic accused Alibaba of conducting a distillation attack, claiming the company used roughly 25,000 fake accounts to engage in over 28 million conversations with Claude, effectively pirating Anthropic’s AI model.

Anthropic asserted that Chinese companies, including Alibaba, are using hostile distillation attacks to copy American AI models cheaply and develop their own. They described this practice as illegal, systematic, and occurring on an industrial scale.

Reports indicate that Anthropic has recently tightened its restrictions on Chinese users.

A developer on Reddit alleged that Claude Code, released by Anthropic in April, contains hidden surveillance code targeting Chinese users. This code reportedly can detect if a user is in China, if a proxy uses a Chinese domain, or if the user is connected to a Chinese AI research institute.

NO COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Exit mobile version