According to Dynamic Beating monitoring, Thariq, an engineer from Claude Code team under Anthropic, publicly responded to the recent controversy regarding "spy code," admitting that in March of this year, an experimental mechanism was embedded in the product. This mechanism detected whether the system timezone was Asia/Shanghai or Asia/Urumqi, whether the proxy hostname matched a Chinese-related reseller list, and AI Lab keywords. It used special punctuation marks to steganographically inject hidden tagging information into the system prompts. He stated that this mechanism was intended to "prevent unauthorized resellers from abusing accounts and model distillation," but emphasized that the team had since implemented stronger protective measures. They had always intended to take it offline, the related PR has been merged, and a full rollback is expected in tomorrow's release.
The disclosure was made public by the security account @IntCyberDigest on June 30, accompanied by two code screenshots showing Claude Code secretly fingerprinting Chinese users without their knowledge. While Thariq's response was a positive acknowledgment, the timeline of "going live in March and accelerating the rollback only after being exposed" has raised widespread community doubts. The comment section overwhelmingly criticized Anthropic for "only deciding to roll back after being caught" and "secretly monitoring without user notification," causing a severe trust crisis for a company that has long portrayed itself as "most focused on security and ethics."
---------------------------------
Click the original article link below to join Dynamic Beating · Feishu AI News Channel, monitoring global AI hotspots and news 24/7.
