Military Space News
CYBER WARS
Massive leak shows Chinese firm hacked foreign govts, activists: analysts
Massive leak shows Chinese firm hacked foreign govts, activists: analysts
By Oliver Hotham with Jing Xuan Teng in Shanghai
Beijing (AFP) Feb 22, 2024

A Chinese tech security firm was able to breach foreign governments, infiltrate social media accounts and hack personal computers, a massive data leak analysed by experts this week revealed.

The trove of documents from I-Soon, a private company that competed for Chinese government contracts, shows that its hackers compromised more than a dozen governments, according to cybersecurity firms SentinelLabs and Malwarebytes.

I-Soon also breached "democracy organisations" in China's semi-autonomous city of Hong Kong, universities and the NATO military alliance, SentinelLabs researchers wrote in a blog post Wednesday.

The leaked data, the contents of which AFP was unable to immediately verify, was posted last week on the online software repository GitHub by an unknown individual.

"The leak provides some of the most concrete details seen publicly to date, revealing the maturing nature of China's cyber espionage ecosystem," SentinelLabs analysts said.

I-Soon was able to breach government offices in India, Thailand, Vietnam and South Korea, among others, Malwarebytes said in a separate post on Wednesday.

I-Soon's website was not available Thursday morning, though an internet archive snapshot of the site from Tuesday says it is based in Shanghai, with subsidiaries and offices in Beijing, Sichuan, Jiangsu and Zhejiang.

The firm did not reply to a request for comment.

Asked by AFP on Thursday about whether Beijing contracted hackers, China's foreign ministry said it was "not aware" of the case.

"As a principle, China firmly opposes all forms of cyberattacks and cracks down on them in accordance with law," spokesperson Mao Ning said.

- Hacks for contracts -

The leak contains hundreds of files showing chatlogs, presentations and lists of targets.

AFP found what appeared to be lists of Thai and UK government departments among the leaks, as well as screenshots of attempts to log into an individual's Facebook account.

Other screenshots showed arguments between an employee and a supervisor over salaries, as well as a document describing software aimed at accessing a target's Outlook emails.

"As demonstrated by the leaked documents, third-party contractors play a significant role in facilitating and executing many of China's offensive operations in the cyber domain," SentinelLabs analysts said.

In one screenshot of a chat app conversation, someone describes a client request for exclusive access to the "foreign secretary's office, foreign ministry's ASEAN office, prime minister's office national intelligence agency" and other government departments of an unnamed country.

Analysts who examined the files said the company also offered potential clients the ability to break into accounts of individuals on social media platform X -- monitoring their activity, reading their private messages, and sending posts.

It also laid out how the firm's hackers could access and take over a person's computer remotely, allowing them to execute commands and monitor what they type.

Other services included ways to breach Apple's iPhone and other smartphone operating systems, as well as custom hardware -- including a powerbank that can extract data from a device and send it to the hackers.

- Xinjiang ties -

Analysts said the leak also showed I-Soon bidding for contracts in China's northwestern region of Xinjiang, where Beijing stands accused of detaining hundreds of thousands of mostly Muslim people as part of a campaign against alleged extremism. The United States has called it a genocide.

"The company listed other terrorism-related targets the company had hacked previously as evidence of their ability to perform these tasks, including targeting counterterrorism centers in Pakistan and Afghanistan," SentinelLabs analysts said.

The leaked data also revealed the fees that hackers could earn, they said, including $55,000 from breaking into a government ministry in Vietnam.

A cached version of the company's website showed the firm also runs an institute dedicated to "implementing the spirit" of President Xi Jinping's "important instructions" on developing cybersecurity education and expertise.

The FBI has said that China has the biggest hacking programme of any country.

Beijing has dismissed the claims as "groundless" and pointed to the United States's own history of cyber espionage.

Pieter Arntz, a researcher at Malwarebytes, said the leak will likely "rattle some cages at the infiltrated entities".

"As such, it could possibly cause a shift in international diplomacy and expose the holes in the national security of several countries."

oho-tjx-sbr/dhw

X

Related Links
Cyberwar - Internet Security News - Systems and Policy Issues

Subscribe Free To Our Daily Newsletters
Tweet

RELATED CONTENT
The following news reports may link to other Space Media Network websites.
CYBER WARS
Canada inquiry into foreign interference starts hearings
Ottawa (AFP) Jan 29, 2024
Is Canada particularly vulnerable to foreign interference? A judge probing outside meddling by China and others began five days of hearings on Monday, vowing to unravel the "very serious" claims. A senior minister, top intelligence officials and national security experts are to shed light on the allegations - first revealed in media reports citing leaked classified documents and unnamed sources - that China and others sought to interfere in Canada's 2019 and 2021 elections, as well as accusations ... read more

CYBER WARS
L3Harris Technologies Launches New Satellites to Enhance US Missile Defense

SpaceX launches batch of satellites for Space Systems Command

Aerojet Rocketdyne Powers Key U.S. Missile Defense Test with Advanced MRBM Target

THAAD Localization Efforts Align with Saudi Vision 2030 Objectives

CYBER WARS
US, European parts found in N.Korean missile in Ukraine: report

Kyiv says Russia used N. Korean missiles in deadly attacks on Ukraine

'Everything is getting worse:' fatigue marks Ukraine war anniversary

US says launches five new strikes on Huthi weapons systems

CYBER WARS
US, allied forces down six drones launched by Yemen's Huthis

Canada to send hundreds of drones to Ukraine as 2nd anniversary of invasion nears

US drone downed off Yemen by apparent Huthi missile

French navy downs two drones over Red Sea

CYBER WARS
Pony Express 2 Mission Ready to Enhance Military Connectivity with Innovative Space Technologies

Viasat Installs Advanced SATCOM System on First U.S. Navy MSC Ship

Space Force initiates MUOS Service Life Extension with Lockheed Martin design contract

Government Connectivity Enters New Era: MetTel and Partners Highlight LEO Satellite Solutions

CYBER WARS
Ammunition shortage hurting Ukraine, Zelensky tells Munich meeting

Ammunition shortage hurting Ukraine, Zelensky tells Munich meeting

Northrop Grumman to Revolutionize Space Missions with Next-Gen Cryocoolers

The US 'can and will' deliver more Ukraine aid: top advisor

CYBER WARS
BlueHalo and Eqlipse merge to form new defense technology powerhouse

China tells Ukraine it 'does not sell lethal weapons' to Russia

EU targets Chinese firms, N. Korea in new Ukraine war sanctions

US to sanction over 500 targets involved in Russia 'war machine'

CYBER WARS
France urges more 'vigilance' against Russia sabotage in military: internal memo

US, UK, Germany back Dutch PM Mark Rutte as next NATO chief

Swedish PM to visit Hungary ahead of NATO bid vote

US to level more sanctions as Russia claims fresh gains in Ukraine

CYBER WARS
Researchers unveil novel technique for creating atomically thin nanoscrolls

MIT.nano equipment to accelerate innovation in "tough tech" sectors

Subscribe Free To Our Daily Newsletters




The content herein, unless otherwise known to be public domain, are Copyright 1995-2024 - Space Media Network. All websites are published in Australia and are solely subject to Australian law and governed by Fair Use principals for news reporting and research purposes. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA news reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. All articles labeled "by Staff Writers" include reports supplied to Space Media Network by industry news wires, PR agencies, corporate press officers and the like. Such articles are individually curated and edited by Space Media Network staff on the basis of the report's information value to our industry and professional readership. Advertising does not imply endorsement, agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. General Data Protection Regulation (GDPR) Statement Our advertisers use various cookies and the like to deliver the best ad banner available at one time. All network advertising suppliers have GDPR policies (Legitimate Interest) that conform with EU regulations for data collection. By using our websites you consent to cookie based advertising. If you do not agree with this then you must stop using the websites from May 25, 2018. Privacy Statement. Additional information can be found here at About Us.