China warns about AI risks with Anthropic’s Claude Code

China said specific versions of Claude Code posed back-door vulnerabilities that could send sensitive information to a remote server.

Skip NavigationJoin ICJoin ProLivestreamMenu

  • The Chinese Ministry of Industry and Information Technology said Wednesday its cybersecurity threat platform found “AI coding tool Claude Code contains a security back-door vulnerability that poses a serious threat.”
  • U.S.-based Anthropic last month blamed Chinese company Alibaba for attempting to extract its AI capabilities, which are not officially available in China.
  • Users should uninstall or upgrade from the affected Claude Code versions, 2.1.91 to 2.1.196, China’s cybersecurity platform said.

Security officers keep watch in front of an AI (Artificial Intelligence) sign at the annual Huawei Connect event in Shanghai, China, September 18, 2019.Aly Song | Reuters

BEIJING — China on Wednesday warned of “back-door” security risks affecting companies that use U.S.-based company Anthropic’s Claude Code artificial intelligence tool.

It comes as the U.S.-China tech race intensifies, with Anthropic last month blaming Chinese company Alibaba for attempting to extract its AI capabilities, which are not officially available in China. Alibaba did not comment on the accusations at the time.

Many locals in China have found ways to use U.S. AI tools, however. In March, a Xiaomi AI developer said at a state-organized forum that many were using Claude Code. And Alibaba has ordered its employees to stop using Anthropic tools for work starting July 10, CNBC confirmed on Monday.

The Chinese Ministry of Industry and Information Technology said Wednesday its cybersecurity threat platform found “AI coding tool Claude Code contains a security back-door vulnerability that poses a serious threat.”

The autonomous coding tool can send sensitive information to a remote server without a user’s consent, the statement said in Chinese, according to a CNBC translation. It noted that the information could include a user’s location and identity.

Users should uninstall or upgrade from the affected Claude Code versions, 2.1.91 to 2.1.196, the cybersecurity platform said. That covers versions released from April 2 to June 29, according to Anthropic’s website, which says the latest version of Claude Code as of Wednesday is 2.1.204.

Anthropic did not immediately respond to a CNBC request for comment.

Choose CNBC as your preferred source on Google and never miss a moment from the most trusted name in business news.

About The Author

Leave a Reply

Your email address will not be published. Required fields are marked *

About the Author

Easy WordPress Websites Builder: Versatile Demos for Blogs, News, eCommerce and More – One-Click Import, No Coding! 1000+ Ready-made Templates for Stunning Newspaper, Magazine, Blog, and Publishing Websites.

BlockSpare — News, Magazine and Blog Addons for (Gutenberg) Block Editor

Search the Archives

Access over the years of investigative journalism and breaking reports