by A Chinese technology security firm was able to subvert foreign governments, infiltrate social media accounts and hack personal computers, a massive data leak analyzed by experts revealed this week.
The trove of documents from I-Soon, a private company competing for Chinese government contracts, shows its hackers compromised more than a dozen governments, according to cybersecurity firms SentinelLabs and Malwarebytes.
I-Soon also breached “democratic organizations” in China’s semi-autonomous city of Hong Kong, universities and the NATO military alliance, SentinelLabs researchers wrote in a blog post Wednesday.
The leaked data, whose content AFP could not immediately verify, was posted last week on the online software repository GitHub by an unknown individual.
“The leak provides some of the most concrete data seen publicly to date, revealing the mature nature of China’s cyber espionage ecosystem,” SentinelLabs analysts said.
I-Soon was able to breach government offices in India, Thailand, Vietnam and South Korea, among others, Malwarebytes said in a separate post on Wednesday.
I-Soon’s website was unavailable Thursday morning, although an internet archive picture of the site from Tuesday says it is based in Shanghai, with subsidiaries and offices in Beijing, Sichuan, Jiangsu and Zhejiang.
The firm did not respond to a request for comment.
Asked by AFP on Thursday whether Beijing had contracted hackers, China’s foreign ministry said it was “not aware” of the situation.
“As a matter of principle, China resolutely opposes all kinds of cyber attacks and crackdowns according to the law,” said spokesman Mao Ning.
– Hacks for contracts –
The leak contains hundreds of files showing chatlogs, presentations and target lists.
AFP found lists of Thai and UK government departments among the leaks, as well as screenshots of attempts to log into an individual’s Facebook account.
Other screenshots showed arguments between an employee and a supervisor about salaries, as well as a document that described software intended to access the target’s Outlook emails.
“As the leaked documents have shown, third-party contractors play a significant role in facilitating and executing many of China’s offensive operations in the cyber domain,” SentinelLabs analysts said.
In one screenshot of a chat app conversation, someone describes a client’s request for exclusive access to “the office of the foreign secretary, the ASEAN office of the foreign ministry, the national intelligence agency of the prime minister’s office” and other government departments in an unnamed country .
Analysts who examined the files said the company also offered potential clients the ability to break into individuals’ accounts on social media platform X – monitor their activity, read their private messages, and send mail.
It also outlined how the firm’s hackers could gain access to a person’s computer and take over it remotely, allowing them to execute commands and monitor what they type.
Other services included ways to hack Apple’s iPhone and other smartphone operating systems, as well as custom hardware – including a power bank that can extract data from a device and send it to the hackers.
– Xinjiang links –
Analysts said the leak also revealed I-Go’s bid for contracts in China’s northwestern region of Xinjiang, where Beijing is accused of detaining hundreds of thousands of mostly Muslim people as part of a campaign against alleged extremism. The United States called it genocide.
“The company listed other terrorism-related targets that the company had previously hacked as evidence of their ability to carry out these tasks, including targeting counter-terrorism centers in Pakistan and Afghanistan,” SentinelLabs analysts said.
The leaked data showed the fees hackers could earn, they said, including $55,000 for breaking into a government ministry in Vietnam.
A cached version of the company’s website revealed that the firm also runs an institute dedicated to “implementing the spirit” of President Xi Jinping’s “important directives” on developing cybersecurity education and expertise.
The FBI has said that China has the largest hacking program of any country.
Beijing has dismissed the claims as “baseless” and cited the United States’ own history of cyber espionage.
Pieter Arntz, a researcher at Malwarebytes, said that the leak is likely to cause “several cages for the infiltrated entities”.
“Thus, it could cause a change in international diplomacy and expose the holes in the national security of some countries.”
oho-tjx-sbr/dhw
