Anthropic Removes "Scary" Secret Claude Tracker After Developer Stumbles Across It

Anthropic has removed hidden detection code from its Claude Code tool after a developer reverse-engineered the binary and exposed how the company was subtly monitoring users in China.

The code, which Anthropic described as an experiment launched in March, used a form of prompt steganography to signal information about a user's environment back to Anthropic's servers. It was designed to help detect unauthorized resellers and attempts by other organizations to distill Claude's capabilities into their own models.

How The Detection Worked

The mechanism was first spotted by a Reddit user known as LegitMichel777, who stumbled on it while trying to restore a disabled feature in Claude Code. A separate developer known as Thereallo independently confirmed the finding the same day, June 30, publishing a technical breakdown of exactly how it worked.

The checks only ran in one specific situation: when a user pointed Claude Code at a different server instead of Anthropic's own - something companies commonly do when they route their traffic through internal systems or third-party gateways. From there, it checked two things: