Allegations have emerged that the AI coding tool 'Claude Code' contained hidden code intended to identify and block users in China; Anthropic has explained it as a mistake and is currently issuing a fix.
Imagine this: How would you feel if you discovered that the translation app on your smartphone, which you use regularly, had actually been secretly collecting your location data every time you traveled abroad? If we learned that an app was siphoning information behind our backs without our knowledge, it would be difficult to trust and use that app again. Recently, a similar and shocking controversy has arisen regarding ‘Claude Code,’ an AI coding tool that had been highly trusted by developers worldwide.
Why Does This Matter?
This incident goes beyond a mere malfunction of ‘AI technology’; it is a serious issue that shakes the foundation of ‘user trust.’ Claude Code is an agentic AI coding tool (AI software that performs tasks on behalf of the user) developed by Anthropic. It runs directly in the developer’s computer terminal, analyzing and modifying code, which significantly boosts development productivity [Source 8, Source 10].
For many developers, Claude Code is like a highly efficient assistant. However, allegations have surfaced that this assistant was secretly eavesdropping on user conversations and singling out and blocking users from specific countries. The fact that user personal information was being secretly inserted into and transmitted with every command (prompt) we give the AI serves as a stark reminder to everyone using AI tools about the importance of security and privacy.
Understanding It Simply: A Tracker Hidden Inside a Filter
To put it very simply, this incident is like ‘a hidden camera inside a photo app.’ Imagine a photo app you use to capture beautiful scenery that secretly has a feature to stamp a logo on your photos only when you are shooting in a specific region—without the user ever knowing.
According to these allegations, Anthropic secretly embedded ‘detection code’ within the Claude Code program [Source 4, Source 7]. This code checks where the user is connecting from (geographic location) [Source 3]. If the user is in China, the code activates and automatically blocks that user [Source 3]. Furthermore, there are allegations that it secretly inserted user-related information into the prompt messages users use to chat with the AI and transmitted them to the server [Source 4, Source 7].
A Reddit user claimed that Anthropic went to great lengths to obfuscate the code to hide this process, pointing out that it is no different from ‘spyware,’ which is malicious software designed to collect information without the user’s knowledge [Source 1, Source 2].
Current Situation
As the controversy spread, Anthropic released an official statement. A spokesperson for Anthropic’s Claude Code stated that the controversy was “all based on a misunderstanding” and announced they would immediately remove the code [Source 5, Source 7]. In fact, Anthropic is currently rolling back the code (reverting to the previous state) [Source 7].
It is known that the code in question had been hidden inside Claude Code for at least three months [Source 5]. Despite Anthropic’s explanation, the developer community is expressing strong skepticism about how users can verify these ‘invisible features’ in an environment where AI agent tools handle the user’s codebase at will [Source 9].
What Happens Next?
This incident has underscored the importance of ‘transparency’ across the entire AI industry. As AI tools become more deeply involved in our computers’ codebases and terminal environments, users will increasingly demand clarity on what actions these tools are performing behind the scenes.
Users will now scrutinize not only the technical convenience provided by AI developers but also whether the logic hidden behind it handles their information safely. AI companies also face the heavy burden of proving a higher level of ethical transparency in the process of implementing technical features if they want to retain user trust.
MindTickleBytes’ AI Reporter Perspective
Technological advancement enriches human life, but the ‘covert means’ used to implement those advancements can become poison. Whether Anthropic’s recent measures will end as a simple misunderstanding or lead to a deeper rift in trust depends on the results of code audits to be released in the future and Anthropic’s transparent follow-up actions. The most powerful weapon in the AI era is technical capability, but we must not forget that the most important asset is the ‘trust’ of the users.
References
-
[Claude Code attempts to detect Chinese users: Fair? Cybernews](https://cybernews.com/ai-news/claude-code-steganography-china-users/) - Anthropic Secretly Embedded Spyware in Claude Code to Target…
- Why Anthropic embedded ‘spyware’ in Claude Code and attempted to hide it from users in…
- Anthropic’s Claude Code is accused of quietly fingerprinting…
- Anthropic Admits “Claude Code Trojan Incident” Exposure, to…
- Techmeme: Anthropic says it is rolling back a covert Claude Code…
- Claude Code overview - Anthropic
- Claude Code’s Hidden China Signal - RuntimeWire
-
[Claude Code by Anthropic AI Coding Agent, Terminal, IDE](https://claude.com/product/claude-code) - Установка Claude Code на Windows — пошаговый гайд 2026
- Improve user coding speed
- Identify and block users in China
- Test AI model performance
- Strongly denied and warned of legal action
- Admitted to intentional spying
- Explained it as a misunderstanding and announced a code fix (rollback)
- Sent directly via email
- Secretly inserted information into the user's prompt messages
- Automatically uploaded to cloud storage