Security Concerns Prompt Alibaba to Ban Claude Code and Adopt Qoder
  • Nisha
  • July 07, 2026

Security Concerns Prompt Alibaba to Ban Claude Code and Adopt Qoder

Chinese technology giant Alibaba has announced a ban on employees using Anthropic's Claude Code AI programming tool, effective July 10, 2026, citing serious security vulnerabilities and "backdoor risks" . The company has classified the tool as high-risk software and is requiring all employees globally to replace it with Qoder, Alibaba's self-developed AI coding platform, marking a significant escalation in the ongoing technology rivalry between the United States and China .

The ban was triggered by a series of security concerns surrounding Claude Code. Security researchers recently discovered that a version of the tool contained mechanisms designed to inspect users' local environments, including timezone settings and proxy configurations, and embed identifying markers in data transmitted to Anthropic's servers . This discovery sparked widespread concern among Chinese developers about potential surveillance and data leakage risks. Anthropic engineer Thariq Shihipar responded on X that the feature was "an experiment we launched in March" intended to prevent unauthorized resellers from abusing accounts and protect against model distillation—a practice where smaller models are trained on outputs from more powerful ones . Shihipar noted the experiment had already been scheduled for removal .

Anthropic had already prohibited Chinese companies and foreign entities owned by those companies from using its models . However, the discovery of covert user identification mechanisms eroded trust among Chinese tech companies, prompting Alibaba's decisive action . The decision was described as a "red-level" security alert internally, indicating confirmed severe risk requiring immediate cessation of use . For businesses managing sensitive development data, relying on a closed-source tool with demonstrated security issues and a history of vulnerability exploits became untenable . Claude Code had experienced a significant vulnerability in May 2026—a remote code execution flaw (CVE-2025-59536) that could allow attackers to read local files and execute arbitrary commands .

The ban comes just weeks after Anthropic publicly accused Alibaba of launching the "largest known distillation attack" against its AI models . In a June 10 letter to US senators, Anthropic claimed that entities affiliated with Alibaba used approximately 25,000 fraudulent accounts to conduct nearly 28.8 million interactions with Claude models over a six-week period from April to June 2026, targeting capabilities including agentic reasoning and software engineering proficiency . Anthropic urged Washington to impose stricter semiconductor export restrictions and penalties on AI developers caught running distillation operations . An Alibaba source suggested enforcing Anthropic's access restrictions against individuals is difficult, since anyone can spin up a US-based server to disguise their traffic origin, but organizations like Alibaba are sensitive to compliance consequences .

Industry analysts view Alibaba's ban as more than a reaction to immediate security concerns—it represents a strategic shift toward "AI self-reliance" . By mandating the use of Qoder—Alibaba's own AI programming platform launched in August 2025 with over 5 million global users—the company is accelerating domestic tool adoption amid intensifying US-China technological decoupling . An industry analyst noted this could be "the beginning of a wave of domestic enterprises restricting foreign AI tools," likely prompting peers like ByteDance and Tencent to consider similar risk controls . Analysts emphasized that China's AI coding tools have reached international standards in fundamental code completion and bug repair capabilities, though gaps remain in handling complex engineering scenarios . The trend reflects a broader industry transformation: AI programming tools are evolving from personal productivity aids to critical enterprise infrastructure, making uncontrolled dependence on third-party tools an unquantifiable risk .