Anthropic, the US-based tech company that has created the Claude ecosystem, has an embedded code in its AI models to ramp up its digital defense systems. This code, often dubbed ‘spyware’, can identify Chinese users and trigger sudden account suspensions as well as blacklist proxy networks worldwide to keep its advanced tools out of China.Anthropic CEO Dario Amodei has repeatedly flagged Chinese access to American frontier AI models as an existential threat to US national security. It is due to this that the company strictly bans commercial access to Claude in China, as well as to any Chinese-owned subsidiaries operating internationally.
How Chinese users are able to access Anthropic’s AI models
Chinese people generally can access various US-made AI tools, such as OpenAI’s ChatGPT, by using virtual private networks (VPNs), foreign phone numbers and international payment methods to create and maintain their accounts.But Wired reports that Anthropic has arguably taken more aggressive steps, such as banning accounts that it suspects are owned and controlled by people located in China. There are accounts sold on Chinese ecommerce platforms like Taobao and Xianyu, and through illicit marketplaces on Telegram. These accounts offer access to restricted Anthropic AI models by acting as intermediaries, purchasing access to Anthropic’s API outside China and then redistributing Claude API tokens to users inside the country.
How the ‘spyware’ that Anthropic embedded in Claude Code works
Anthropic’s code detects the geolocation, following which Anthropic bans them. But for people who only want to briefly test Claude or ask occasional questions, the loss is manageable. Anthropic spokesperson Michael Aciman confirmed to Wired that the company is actively fighting back, stating that they deploy constantly evolving identity verification and anti-proxy detection systems specifically designed to disrupt these illicit networks.The reason behind Anthropic’s aggressive blocking strategy became clear last month when the company sent a letter to the US Senate Committee on Banking, Housing and Urban Affairs. In the letter, addressed to Senators Tim Scott and Elizabeth Warren, Anthropic explicitly accused Chinese e-commerce and cloud giant Alibaba of executing the “largest known distillation attack” in the company’s history.Distillation is a controversial AI training shortcut. Instead of spending billions of dollars to build an AI from scratch, an engineer feeds millions of questions into a superior rival model (like Claude) and uses the high-quality answers to train their own, cheaper model. Effectively, it allows a company to clone an American model’s capabilities at a fraction of the cost.According to Anthropic, companies and labs affiliated with Alibaba deployed roughly 25,000 fraudulent accounts to conduct a staggering 28.8 million exchanges with Claude models between April 22 and June 5, automatically sucking out the model’s capabilities to catch up to Western tech.


