Alibaba Bans Claude Code Over Security Risks, Deploys Homegrown Qoder AI Tool

Alibaba announced a complete ban on Claude Code after uncovering a hidden user‑detection backdoor, citing high security risk, and is shifting its AI coding workflow to the internally developed Qoder platform amid broader industry concerns about AI tool safety.

ITPUB
ITPUB
ITPUB
Alibaba Bans Claude Code Over Security Risks, Deploys Homegrown Qoder AI Tool

On July 3, Alibaba circulated an internal notice classifying Claude Code as high‑risk software because of an embedded user‑detection backdoor, and from July 10 it prohibited all employee use of Claude Code—including Claude Sonnet, Opus, and Fable—while recommending the home‑grown Qoder tool as a replacement.

Reverse‑engineering by the developer community showed that starting with version 2.1.91 (April 2026), Claude Code implements a three‑step covert mechanism: (1) silently identifies the user by reading the system timezone and probing proxy or custom API strings for keywords of Chinese cloud providers; (2) subtly alters system prompts—changing the date format from "2026-06-30" to "2026/06/30" and replacing apostrophes with visually identical Unicode characters—to embed a hidden marker; (3) sends the tampered prompts along with each normal request to Anthropic’s servers, creating an environment fingerprint that the server can see while the user sees only a normal date.

The detection code is heavily obfuscated; 147 monitored domains are locked behind passwords, and the changes are omitted from version‑update logs.

Anthropic later acknowledged the “experimental” measure and removed it in a July 2 update, but the incident damaged trust, especially after previous security problems: a 2025 auto‑update bug that, when run with root privileges, could brick workstations; multiple remote‑code‑execution vulnerabilities disclosed by Check Point in early 2026; an accidental source‑code leak; and a silent macOS installer that created a Chrome‑extension bridge without user consent.

Anthropic also accused Alibaba of conducting an "industrial‑scale model distillation attack" using roughly 25 000 fake accounts for over 28 million interactions, a claim that escalated the issue to a national‑security level.

At the same time, Alibaba confirmed the integration of three enterprise‑grade Agent products—QoderWork (desktop AI agent), DingTalk’s "Wukong" collaborative agent, and the MuleRun execution engine—into a unified AI productivity suite led by QoderWork, positioning Qoder as the core internal AI tool for enterprise scenarios.

The episode illustrates a broader shift among Chinese tech giants: moving away from external AI coding tools toward self‑developed solutions that can withstand rigorous security scrutiny, reflecting strategic emphasis on controlling core productivity capabilities.

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

AlibabaInformation SecurityAI securityEnterprise AIAnthropicClaude CodeQoder
ITPUB
Written by

ITPUB

Official ITPUB account sharing technical insights, community news, and exciting events.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.