A Massive Leak of Chat Indicates A Chinese Co. Hacked Foreign Govt Websites including India
A Massive Leak of Chat Indicates A Chinese Co. Hacked Foreign Govt Websites including India
Beijing: A Chinese technology security firm breached foreign governments, compromised social media accounts, and hacked personal computers, according to this week’s analysis of a colossal data leak by experts.
The collection of records from l-Soon, a privately held business that competed for contracts with the Chinese government, indicates that its intruders exposed more information than Malwarebytes and SentinelLabs.
SentinelLabs researchers reported on Wednesday that I-Soon also compromised “democracy organizations” in universities, the NATO military alliance, and the semi-autonomous Chinese city of Hong Kong.
The leaked data, the contents of which AFP was unable to immediately corroborate, was uploaded by an unknown individual to the online software repository GitHub last week.
“Some of the most significant concrete details seen publicly to date are contained in the leak,” analysts at SentinelLabs said. “This demonstrates the evolving nature of China’s cyber warfare ecosystem.”
Government offices in India, Thailand, Vietnam, and South Korea, among others, were compromised by I-Soon, according to a distinct post published by Malwarebytes on Wednesday.
Although the I-Soon website was inaccessible on Thursday morning, an archived image from Tuesday indicates that the organization is headquartered in Shanghai and has offices and subsidiaries in Beijing, Sichuan, Jiangsu, and Zhejiang.
The company failed to respond to an AFP request for comment. The online-distributed leak comprises countless files, including chat records, presentations, and target lists.
Hacks of Contracts
Among the disclosures, AFP discovered screenshots of login attempts to an individual’s Facebook account and what appeared to be directories of the Thai and British governments.
Additional photographs depicted salary-related disputes between an employee and a supervisor, in addition to a document that delineated software designed to infiltrate the Outlook emails of the intended recipient.
Analysts at SentinelLabs stated, “As evidenced by the leaked documents, third-party contractors facilitate and execute a substantial number of China’s offensive cyber operations.”
A screenshot of a messaging application conversation depicts a client requesting exclusive access to various government departments of an unnamed country, including the “foreign secretary’s office, foreign ministry’s ASEAN office, prime minister’s office, national intelligence agency.”
According to analysts who reviewed the files, the organization additionally provided prospective clients with the capability to infiltrate user accounts on social media platform X. This included the ability to observe user activity, access private messages, and publish content.
It also described how the firm’s hackers could remotely access and commandeer an individual’s computer, enabling them to program commands and observe their input. Additional services encompassed methods to compromise the operating systems of Apple’s iPhone and other smartphones, in addition to bespoke hardware such as a power bank capable of extracting data from a device and transmitting it to hackers.
Xinjiang is connected to According to analysts, the breach also disclosed one-soon’s contract bidding in Xinjiang, a region in China’s northwest where Beijing is accused of arresting hundreds of thousands of primarily Muslim individuals in an effort to combat alleged extremism.
The United States has designated the event as a genocide. Analysts from SentinelLabs reported that the organization enumerated additional terrorism-related targets it had previously compromised as proof of its capability to execute these duties. Among these targets were counterterrorism centers located in Pakistan and Afghanistan.
According to them, “the compromised data also disclosed the potential earnings of hackers, which comprised $55,000 for infiltrating a Vietnamese government ministry.”
“The organization also operates an institute ‘enforcing the spirit’ of President Xi Jinping’s crucial directives regarding the development of cybersecurity education and expertise,” according to a cached version of the company’s website.
According to the FBI, “China has the most extensive espionage program of any nation. The assertions have been refuted by Beijing, which has deemed them unfounded, citing the United States’ prior involvement in cyber espionage.” Pieter Arntz, an eminent researcher, predicted that the disclosure would “rattle some cages at the infiltrated entities.”
“Therefore, it has the potential to instigate a transformation in global diplomacy and unveil vulnerabilities within the national security frameworks of numerous nations.”
About the Author:
Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blog, he’s also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM. Naager entered the field of content in an unusual way. He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts. He also combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field. In the bottom line, he frequently writes for Craw Security.
About Author
English