Massive leak shows Chinese firm hacked foreign govts, activists: analysts

Massive leak shows Chinese firm hacked foreign govts, activists: analysts

A trove of documents from I-Soon, a private contractor that competed for Chinese government contracts, shows that its hackers compromised more than a dozen governments, according to cybersecurity firms SentinelLabs and Malwarebytes
A trove of documents from I-Soon, a private contractor that competed for Chinese government contracts, shows that its hackers compromised more than a dozen governments, according to cybersecurity firms SentinelLabs and Malwarebytes. Photo: I-Hwa CHENG / AFP/File
Source: AFP

A Chinese tech security firm was able to breach foreign governments, infiltrate social media accounts and hack personal computers, a massive data leak analysed by experts this week has revealed.

The trove of documents from I-Soon, a private contractor that competed for Chinese government contracts, shows that its hackers compromised more than a dozen governments, according to cybersecurity firms SentinelLabs and Malwarebytes.

I-Soon also breached "democracy organisations" in China's semi-autonomous city of Hong Kong, universities and the NATO military alliance, SentinelLabs researchers wrote Wednesday.

The leaked data, the contents of which AFP was unable to immediately identify, was posted last week on the online software repository GitHub by an unknown individual.

"The leak provides some of the most concrete details seen publicly to date, revealing the maturing nature of China's cyber espionage ecosystem," SentinelLabs analysts said.

Read also

TSMC diversifies out of hotspot Taiwan with new Japan plant

I-Soon was able to breach government offices in India, Thailand, Vietnam and South Korea, among others, Malwarebytes said in a separate post on Wednesday.

I-Soon's website was not available Thursday morning, though an internet archive snapshot of the site from Tuesday says it is based in Shanghai, with subsidiaries and offices in Beijing, Sichuan, Jiangsu and Zhejiang.

It contains files showing chatlogs, presentations and lists of targets, analysts said.

Services offered to potential clients included breaking into an individual's account on social media platform X -- monitoring their activity, reading their private messages, and sending posts.

It also laid out how the firm's hackers could access and take over a person's computer remotely, allowing them to execute commands and monitor what they type.

Other services included ways to breach Apple's iPhone and other smartphone operating systems, as well as custom hardware -- including a powerbank that can extract data from a device and send it to the hackers.

Read also

'It's frightening': YouTubers split over OpenAI's video tool Sora

The leak also showed I-Soon bidding for contracts in China's northwestern region of Xinjiang, where Beijing stands accused of detaining hundreds of thousands of mostly Muslim people as part of a campaign against alleged extremism. The United States has called it a genocide.

"The company listed other terrorism-related targets the company had hacked previously as evidence of their ability to perform these tasks, including targeting counterterrorism centers in Pakistan and Afghanistan," SentinelLabs analysts said.

The leaked data also revealed the fees that hackers could earn, they said -- including $55,000 from breaking into a government ministry in Vietnam.

The FBI has said that China has the biggest hacking programme of any country.

Beijing has dismissed the claims as "groundless" and pointed to the United States's own history of cyber espionage.

Pieter Arntz, a researcher at Malwarebytes, said the leak will likely "rattle some cages at the infiltrated entities".

Read also

Asian stocks lower after Wall Street losses

"As such, it could possibly cause a shift in international diplomacy and expose the holes in the national security of several countries."

Source: AFP

Authors:
AFP avatar

AFP AFP text, photo, graphic, audio or video material shall not be published, broadcast, rewritten for broadcast or publication or redistributed directly or indirectly in any medium. AFP news material may not be stored in whole or in part in a computer or otherwise except for personal and non-commercial use. AFP will not be held liable for any delays, inaccuracies, errors or omissions in any AFP news material or in transmission or delivery of all or any part thereof or for any damages whatsoever. As a newswire service, AFP does not obtain releases from subjects, individuals, groups or entities contained in its photographs, videos, graphics or quoted in its texts. Further, no clearance is obtained from the owners of any trademarks or copyrighted materials whose marks and materials are included in AFP material. Therefore you will be solely responsible for obtaining any and all necessary releases from whatever individuals and/or entities necessary for any uses of AFP material.