On July 1, 2026, internet users uncovered that the Claude Code incorporated concealed code segments specifically engineered to discern system time zones and API endpoint URLs, with a primary focus on Chinese users—spanning individual developers and AI firms alike. Should the code identify API addresses configured by a developer that belong to Chinese technology companies or AI research institutions, such as Yuezhi Anmian, within the Claude Code environment, pertinent details are automatically appended to the system prompt and relayed to Anthropic's servers. This surreptitious tagging system leverages subtle disparities in Unicode characters, which remain imperceptible to the naked eye, to encode requests from Chinese users into system prompts by scrutinizing proxy server domains and system time zones. The underlying intent of this stealthy marking scheme is to thwart the illicit resale of the Claude API and avert unauthorized reverse engineering and data extraction of the model.
Following the revelation of this incident, Anthropic promptly issued a statement, committing to excise the aforementioned code in the forthcoming version scheduled for release the next day.
