@AISuperDomain: Breaking news! Claude Code allegedly has a built-in 'hidden backdoor' specifically designed to detect Chinese users. The reason for Claude account bans has finally been found!!! According to a Reddit leak: Starting from version 2.1.91, Claude Code checks whether the system timezone is Asia…

X AI KOLs Timeline News

Summary

According to a Reddit leak, starting from version 2.1.91, Claude Code has a built-in hidden detection logic that checks system timezone, proxy URL, and modifies system prompt encoding methods, allegedly to specifically identify Chinese users, sparking serious concerns about developers' trust boundaries.

Breaking news! Claude Code is alleged to have a built-in 'hidden backdoor' specifically designed to detect Chinese users. The reason for Claude account bans has finally been found!!! According to a Reddit leak: Starting from version 2.1.91, Claude Code checks whether the system timezone is Asia/Shanghai / Asia/Urumqi when the user enables a proxy, and determines whether the proxy URL points to a Chinese domain or a Chinese AI lab. Even more covertly, this information is not directly reported but is 'encoded' and transmitted by modifying the date format and apostrophe characters in the system prompt: for example, changing the date from 2026-06-30 to 2026/06/30, and using different Unicode apostrophes to distinguish user environments. In other words, if the leak is true, Claude Code is not just detecting proxies, but is inserting information such as 'China timezone / Chinese proxy / AI Lab association' into the system prompt in a way that is almost imperceptible to the user. The truly frightening part of this is not that Anthropic wants to prevent reselling or model distillation in China, but that developers use Claude Code as a programming assistant with file system and shell permissions. Once the client can secretly modify prompts and hide detection logic, the trust boundary has already been broken. Today it's 'detecting Chinese users,' tomorrow could it be more complex behavioral control? #Claude #ClaudeCode #Anthropic Original text as follows
Original Article
View Cached Full Text

Cached at: 06/30/26, 11:41 AM

Breaking News! Claude Code Allegedly Has a “Hidden Backdoor” Specifically Targeting Chinese Users. The Real Reason Behind Claude Account Bans Has Finally Been Found!!!

According to a Reddit leak: Starting from version 2.1.91, Claude Code checks whether the system timezone is Asia/Shanghai or Asia/Urumqi when the user enables a proxy, and also detects whether the proxy URL points to a Chinese domain or a Chinese AI lab.

Even more covertly, this information is not directly uploaded but is “encoded” into the system prompt by modifying date formats and apostrophe characters: for example, changing the date from 2026-06-30 to 2026/06/30, and using different Unicode apostrophes to distinguish user environments.

In other words, if the leak is true, Claude Code doesn’t just detect proxies — it embeds signals like “Chinese timezone / Chinese proxy / AI Lab association” into the system prompt in a way that is nearly imperceptible to the user.

The truly alarming part is not that Anthropic wants to prevent Chinese region reselling or model distillation, but that developers use Claude Code as a programming assistant with full file system and shell access. Once a client can stealthily modify prompts and hide detection logic, the trust boundary has already been broken.

Today it’s “detecting Chinese users” — tomorrow could it be more sophisticated behavioral control?

#Claude #ClaudeCode #Anthropic

Original text below:

Similar Articles

@Khazix0918: https://x.com/Khazix0918/status/2072235797592658395

X AI KOLs Timeline

The article exposes that Anthropic secretly detects and marks Chinese users in Claude Code using steganography (modifying Unicode characters and separators in date strings) for account bans, sparking strong community concerns about privacy and trust.

@xiangxiang103: Wow, Anthropic really dropped the ball this time. Someone dug up hidden code in the Claude Code binary — specifically designed to detect whether you're a Chinese user or routing through China. Not ordinary telemetry, but deliberately obfuscated, not mentioned in release notes, and completely unknown to users. The process goes like this: - Detects you...

X AI KOLs Timeline

Hidden code was discovered in the Claude Code binary that specifically detects Chinese users or proxy routes, and secretly modifies system prompts to add watermarks, sparking widespread concerns about trust in developer tools.

@9hills: At first, I didn't really get what Anthropic was trying to do — why detect Claude Code using third-party providers? What's the big deal? Later I realized how clever Anthropic is: by modifying the date format in the system prompt and comparing it with their own logs, they can precisely identify proxy station IPs and accounts. As long as your local configuration points to a third-party URL but the request ultimately goes back to Anthropic, it must be a proxy station. So they can batch-ban those proxy stations.

X AI KOLs Timeline

Anthropic precisely identifies requests from Claude Code that use third-party providers (proxy stations) by modifying the date format in the system prompt and comparing it with their own logs, thereby batch-banning proxy station IPs and accounts. This technique requires no network upload activity and can even detect proxy usage within enterprise intranet environments.

@passluo: Unbelievable! The latest Claude Code CLI client code secretly contains a list of proxy stations. For users from these stations, Claude may randomly modify your prompt to interfere with your requests. A\\ The selected proxy station list is shown in the image. Don't be discouraged if your station wasn't selected — maybe next time it will be you.

X AI KOLs Timeline

The latest Claude Code CLI client code was found to secretly contain a list of proxy stations. Users from these stations may have their prompts randomly modified by Claude to interfere with requests, sparking discussions about transparency and privacy.