Alibaba bans Claude Code from all internal work environments from 10 July, citing alleged backdoor risks, as the company sits at the centre of a widening dispute with Reuters via SRN News reports Anthropic has escalated directly to the U.S. Senate.
The restriction was confirmed by a source familiar with the decision. Alibaba has not issued a public statement, and the scope of the ban beyond internal environments has not been disclosed.
Steganographic Markers and a Distillation Accusation
The alleged backdoor concern traces to steganographic markers found inside Claude Code that security researchers claimed flagged users operating in Chinese time zones. Anthropic characterised the feature as an experiment. Alibaba’s internal security team independently confirmed the behaviour and issued an advisory in early July 2025.
The original claims surfaced in late June 2025 in a Reddit post from a user who claimed to have reverse-engineered the tool, according to SitePoint. Alibaba’s internal notice, as reported by the South China Morning Post and cited by The Next Web, stated: ‘As Claude Code was recently discovered to carry back-door risks, after comprehensive evaluation, Claude Code has now been added to a list of high-risk software with security vulnerabilities.’
The dispute runs deeper than a tool ban. Anthropic sent a letter to two U.S. senators, seen by Reuters, accusing Alibaba of conducting a distillation attack: illicitly extracting Claude’s model capabilities to accelerate China’s ability to replicate Anthropic’s advanced Mythos Preview capabilities. Alibaba has not publicly responded to that accusation.
Alibaba Bans Claude Code as Enterprise Friction Mounts Across the Region
The move follows two Wall Street firms pulling back from Claude in Hong Kong. Goldman Sachs removed Claude from its approved tools for Hong Kong-based bankers in April. JPMorgan followed, blocking employees in Hong Kong from selecting Claude models from its approved list, after determining that Anthropic’s licensing terms excluded use across Greater China. Both removals were reported by the Financial Times, with The Next Web noting the Goldman Sachs timing via its own coverage of the JPMorgan restriction.
Anthropic told the Financial Times that Claude had never been officially supported in Hong Kong. JPMorgan declined to comment.
The concern among financial institutions reflects a structural problem: Anthropic’s terms of service create a geographic exclusion for Greater China, and as AI becomes more deeply integrated into software development, research, and financial services workflows, that exclusion is increasingly hard to work around operationally.
Export Controls, a Brief Suspension, and the Broader Regulatory Context
The Alibaba ban lands after a difficult stretch for Anthropic’s two flagship models. On 12 June, the U.S. Commerce Secretary Howard Lutnick sent a letter to Anthropic CEO Dario Amodei ordering the suspension of Claude Fable 5 and Mythos 5 for foreign nationals worldwide, citing concerns that military intelligence users in China, Russia, and other countries of concern could exploit the models, according to Reuters reporting via Yahoo Finance.
The U.S. Department of Commerce lifted those export controls on 30 June, and Anthropic restored public access on 1 July, according to DW News. The resolution came with commitments: Anthropic agreed to cooperate with the U.S. government on protocols for Mythos, Fable, and future models, and added new classifiers designed to detect and block cybersecurity-related tasks. Anthropic argued the jailbreak cited by authorities involved a limited method rather than a universal bypass of the models’ safety protections.
The picture that emerges is one where Anthropic is simultaneously defending its models to U.S. regulators on jailbreak grounds, accusing Alibaba of IP extraction, and watching enterprise adoption in Asia contract. The next pressure point is whether the distillation accusation prompts a formal government response, which would move this from a licensing dispute to a trade-policy matter.