A Chinese tech security firm was able to breach foreign governments, infiltrate social media accounts and hack personal computers, a massive data leak analyzed by experts this week revealed.
The trove of documents from I-Soon (上海安洵信息), a private company that competed for Chinese government contracts, shows that its hackers compromised more than a dozen governments, cybersecurity firms SentinelLabs and Malwarebytes said.
I-Soon also breached “democracy organizations” in Hong Kong, universities and the NATO military alliance, SentinelLabs researchers wrote in a blog post on Wednesday.
The leaked data, the contents of which Agence France-Presse (AFP) was unable to immediately verify, was posted last week on the online software repository GitHub by an unknown individual.
“The leak provides some of the most concrete details seen publicly to date, revealing the maturing nature of China’s cyberespionage ecosystem,” SentinelLabs analysts said.
I-Soon was able to breach government offices in India, Thailand, Vietnam and South Korea, among others, Malwarebytes said in a separate post on Wednesday.
I-Soon’s Web site was not available yesterday morning, although an Internet archive snapshot of the site from Tuesday says it is based in Shanghai, with subsidiaries and offices in Beijing, Sichuan, Jiangsu and Zhejiang.
The firm did not reply to a request for comment.
Asked whether Beijing contracted hackers, the Chinese Ministry of Foreign Affairs told AFP it was “not aware” of the case.
The leak contains hundreds of files showing chatlogs, presentations and lists of targets.
AFP found what appeared to be lists of Thai and UK government departments among the leaks, as well as screenshots of attempts to log into an individual’s Facebook account.
Other screenshots showed arguments between an employee and a supervisor over salaries, as well as a document describing software aimed at accessing a target’s Outlook e-mails.
“As demonstrated by the leaked documents, third-party contractors play a significant role in facilitating and executing many of China’s offensive operations in the cyber domain,” SentinelLabs analysts said.
In one screenshot of a chat app conversation, someone describes a client request for exclusive access to the “foreign secretary’s office, foreign ministry’s ASEAN office, prime minister’s office national intelligence agency” and other government departments of an unnamed country.
Analysts who examined the files said the company also offered potential clients the ability to break into accounts of individuals on social media platform X — monitoring their activity, reading their private messages and sending posts.
The files also laid out how the firm’s hackers could access and take over a person’s computer remotely, allowing them to execute commands and monitor what they type.
Other services included ways to breach Apple’s iPhone and other smartphone operating systems, as well as custom hardware — including a powerbank that can extract data from a device and send it to the hackers.
Analysts said the leak also showed I-Soon bidding for contracts in Xinjiang, where Beijing stands accused of detaining hundreds of thousands of mostly Muslim people as part of a campaign against alleged extremism.
“The company listed other terrorism-related targets the company had hacked previously as evidence of their ability to perform these tasks, including targeting counterterrorism centers in Pakistan and Afghanistan,” SentinelLabs analysts said.