header-langage
简体中文
繁體中文
English
Tiếng Việt
한국어
日本語
ภาษาไทย
Türkçe
Scan to Download the APP

Even Claude Code is involved in "Account Phishing"? Accused of Cross-Server Database Modification Using a Stranger's Password

According to Dynamic Insight Beating monitoring, a user reported on GitHub that while using Anthropic's command-line AI assistant Claude Code, the AI's dialogue context inexplicably contained someone else's server IP, username, and Root plaintext password. Subsequently, the local AI assistant directly read these passwords, automatically connected to someone else's server via SSH, and made read-write operations to the database. In other words, the user's AI, holding someone else's credentials, mistakenly connected and modified another person's production database.

Community technical experts analyzed that the root cause of the issue might lie in the failure of the large model's "prompt prefix caching" isolation mechanism. To reduce computational costs and speed up processing, cloud-based large models cache the context of user conversations; if there is a collision in cache keys between different users or if isolation is disrupted, someone else's confidential cache may be incorrectly concatenated into your conversation. If this speculation is true, any developer using Claude Code faces the risk of their server credentials and core source code being inadvertently leaked to other users.

However, it is not ruled out that this may be a model illusion coincidentally hitting the real IP and weak password or that the local project history has contaminated the context. Currently, this issue has been automatically tagged as a security concern (area:security) by GitHub's system, and all parties are awaiting official verification.

举报 Correction/Report
Correction/Report
Submit
Add Library
Visible to myself only
Public
Save
Choose Library
Add Library
Cancel
Finish