@AISuperDomain: Breaking news! Claude Code allegedly has a built-in 'hidden backdoor' specifically designed to detect Chinese users. The reason for Claude account bans has finally been found!!! According to a Reddit leak: Starting from version 2.1.91, Claude Code checks whether the system timezone is Asia…
Summary
According to a Reddit leak, starting from version 2.1.91, Claude Code has a built-in hidden detection logic that checks system timezone, proxy URL, and modifies system prompt encoding methods, allegedly to specifically identify Chinese users, sparking serious concerns about developers' trust boundaries.
View Cached Full Text
Cached at: 06/30/26, 11:41 AM
Breaking News! Claude Code Allegedly Has a “Hidden Backdoor” Specifically Targeting Chinese Users. The Real Reason Behind Claude Account Bans Has Finally Been Found!!!
According to a Reddit leak: Starting from version 2.1.91, Claude Code checks whether the system timezone is Asia/Shanghai or Asia/Urumqi when the user enables a proxy, and also detects whether the proxy URL points to a Chinese domain or a Chinese AI lab.
Even more covertly, this information is not directly uploaded but is “encoded” into the system prompt by modifying date formats and apostrophe characters: for example, changing the date from 2026-06-30 to 2026/06/30, and using different Unicode apostrophes to distinguish user environments.
In other words, if the leak is true, Claude Code doesn’t just detect proxies — it embeds signals like “Chinese timezone / Chinese proxy / AI Lab association” into the system prompt in a way that is nearly imperceptible to the user.
The truly alarming part is not that Anthropic wants to prevent Chinese region reselling or model distillation, but that developers use Claude Code as a programming assistant with full file system and shell access. Once a client can stealthily modify prompts and hide detection logic, the trust boundary has already been broken.
Today it’s “detecting Chinese users” — tomorrow could it be more sophisticated behavioral control?
#Claude #ClaudeCode #Anthropic
Original text below:
Similar Articles
@Khazix0918: https://x.com/Khazix0918/status/2072235797592658395
The article exposes that Anthropic secretly detects and marks Chinese users in Claude Code using steganography (modifying Unicode characters and separators in date strings) for account bans, sparking strong community concerns about privacy and trust.
@xiangxiang103: Wow, Anthropic really dropped the ball this time. Someone dug up hidden code in the Claude Code binary — specifically designed to detect whether you're a Chinese user or routing through China. Not ordinary telemetry, but deliberately obfuscated, not mentioned in release notes, and completely unknown to users. The process goes like this: - Detects you...
Hidden code was discovered in the Claude Code binary that specifically detects Chinese users or proxy routes, and secretly modifies system prompts to add watermarks, sparking widespread concerns about trust in developer tools.
@IntCyberDigest: BREAKING: Anthropic has embedded hidden spyware-like code in Claude Code that covertly targets Chinese users. It then s…
The article alleges that Anthropic has embedded hidden spyware-like code in Claude Code that covertly targets Chinese users by injecting routing metadata into prompts, raising serious privacy concerns.
@9hills: At first, I didn't really get what Anthropic was trying to do — why detect Claude Code using third-party providers? What's the big deal? Later I realized how clever Anthropic is: by modifying the date format in the system prompt and comparing it with their own logs, they can precisely identify proxy station IPs and accounts. As long as your local configuration points to a third-party URL but the request ultimately goes back to Anthropic, it must be a proxy station. So they can batch-ban those proxy stations.
Anthropic precisely identifies requests from Claude Code that use third-party providers (proxy stations) by modifying the date format in the system prompt and comparing it with their own logs, thereby batch-banning proxy station IPs and accounts. This technique requires no network upload activity and can even detect proxy usage within enterprise intranet environments.
@passluo: Unbelievable! The latest Claude Code CLI client code secretly contains a list of proxy stations. For users from these stations, Claude may randomly modify your prompt to interfere with your requests. A\\ The selected proxy station list is shown in the image. Don't be discouraged if your station wasn't selected — maybe next time it will be you.
The latest Claude Code CLI client code was found to secretly contain a list of proxy stations. Users from these stations may have their prompts randomly modified by Claude to interfere with requests, sparking discussions about transparency and privacy.