China Warns the Country to Uninstall Claude Code: Backdoor Risk or AI Cold War Retaliation?
China’s cybersecurity authority says Anthropic’s Claude Code contains a backdoor risk and urges users to uninstall or upgrade. The warning comes amid accusations of Chinese AI distillation attacks.
China’s national cybersecurity warning about Anthropic’s Claude Code has turned a software-security dispute into an AI cold war story. Beijing’s National Vulnerability Database, overseen by the Ministry of Industry and Information Technology, reportedly warned that certain versions of Claude Code contain a “backdoor” risk capable of sending sensitive user information to remote servers.
The warning urges users to uninstall or upgrade affected versions. It follows a rapid sequence: researchers and users claimed Claude Code contained hidden checks for location, timezone and proxy use; Anthropic said related behavior was part of an anti-abuse experiment aimed at stopping unauthorized account use and model distillation; Alibaba reportedly banned Claude Code internally; then China’s state-linked vulnerability platform made the warning national.
Neither side is easy to trust completely. Anthropic has legitimate reasons to detect abuse. The company has accused Chinese firms of attempting to extract Claude’s capabilities through large-scale use, fake accounts and distillation-style techniques. From Anthropic’s perspective, anti-abuse telemetry may be defensive.
China also has legitimate reasons to object to hidden data transmission in developer tools. Claude Code is not a toy chatbot. Developers may use it inside corporate environments, infrastructure teams and software projects. If a tool silently checks location or sends metadata to a U.S. company, Chinese regulators will see that as a sovereignty and security risk.
The irony is obvious. Anthropic reportedly added detection to stop Chinese users from bypassing restrictions or extracting capabilities. That same detection now allows Beijing to say Claude Code itself cannot be trusted. In trying to defend model sovereignty, Anthropic may have strengthened China’s argument for AI tool sovereignty.
The headline says China told users to uninstall Claude. The deeper story is that the open internet model of software distribution is breaking under AI nationalism. Neither side is fully wrong. Anthropic wants to protect its models from extraction. China wants to protect its developers from hidden foreign telemetry. The problem is that both goals create a world where every AI tool is treated as a strategic weapon.