Alibaba orders everyone to uninstall the entire Claude product line; the “distillation attack” defendant retaliates by getting them banned in turn

Alibaba announced that all employees must uninstall Claude and all Anthropic products by July 10. The trigger was Anthropic’s accusation that Alibaba carried out an industrial-scale model distillation attack by using 25,000 fake accounts and conducting more than 28.8 million conversations.
(Background: Anthropic accuses Alibaba of “illegally stealing” Claude: 28.8 million conversations, nearly 25,000 fake accounts—the distillation conflict even spread to the U.S. Congress.)
(Additional context: Claude Code admitted to inserting “spy codes” for Chinese users to prevent resale and distillation, and removed them only after the issue was exposed.)

In discussions about the U.S.-China AI competition in the past, the picture was almost always that the U.S. side took action—cutting off supply, banning accounts, and adding names to blacklists—while Chinese companies were busy proving their innocence. But this time, the roles have flipped.

According to a report by ZhiDongxi, Alibaba is requiring all employees to fully purge Anthropic products by July 10—covering model lines such as Sonnet, Opus, and Fable, as well as agent tools like Claude Code—leaving none in place.

Distrust hidden in the code

Why did Alibaba cut so decisively? Starting with Claude Code’s 2.1.91 version in April 2026, it quietly added an extra check: it first reads the local time zone to see whether it falls under Asia/Shanghai or Asia/Urumqi, then goes through proxy settings and customized API URL configurations again, searching within them for the names of Chinese cloud vendors and AI companies such as Alibaba and ByteDance.

Once there’s a match, the program subtly tampers with the system prompt. The technique used is steganography. In simple terms, it replaces a few punctuation marks with slightly different ways of writing them, leaving a hidden mark on Chinese users in the background without leaving any trace.

Banning accounts is enforcement of rules that is laid out on the table, but steganography blurs the line between “tools meant to prevent misuse” and “backdoors meant to monitor users.” After the fact, Thariq Shihipar from the Claude Code team acknowledged that this indeed happened, explaining it was meant to block unauthorized account resale and distillation abuse. He said it was experimental—and that it has been removed.

A letter and a lawsuit

If you roll the timeline back a bit further, the fuse for this split was a letter Anthropic sent on June 10 to the U.S. Senate Committee on Banking. The accusations in the letter were serious: Alibaba was accused of creating roughly 25,000 fake accounts during the late spring period, accumulating more than 28.8 million conversations with Claude—after which Anthropic unilaterally characterized it as an “industrial-grade model distillation attack,” and even escalated it to the national security level.

But ultimately, this is still just an accusation letter. Alibaba has not responded to the details, and no third party has been able to reconstruct the full picture. Moreover, so-called “legal self-distillation” and “unauthorized learning”—in terms of data flows—are in practice very difficult to draw a clean line. The law has not, to this day, clearly defined the position of that boundary, which is exactly the structural root of why disputes like this always end up with everyone telling their own story.

What’s more, with the same line of rhetoric, Anthropic used it again this February against DeepSeek, Moonshot AI, and MiniMax.

As the accusations exploded, Alibaba was also fighting a lawsuit on another front. In late June, it sued the U.S. Department of Defense in the U.S. District Court for the Northern District of San Jose, California, demanding to be removed from the 1260H list—a blacklist maintained by the U.S. Department of Defense for “Chinese military-linked enterprises.”

In simple terms, being on this list is equivalent to having an official stamp that says you are “connected to the People’s Liberation Army.” The list, released on June 8, now includes more than 180 companies, including Alibaba, Baidu, and BYD. While the list itself does not amount to formal sanctions, it is enough to shake the market’s confidence in whether Alibaba can continue to use cutting-edge U.S. technology.

View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • Comment
  • Repost
  • Share
Comment
Add a comment
Add a comment
No comments
  • Pinned