Huge data breach reveals Chinese company compromised global governments and activists: experts

This week, researchers analyzed a major data dump that showed that a Chinese digital security business was capable of hacking personal computers, infiltrating social media accounts, and breaching foreign governments.

Cybersecurity companies SentinelLabs and Malwarebytes found that a massive document dump from I-Soon, a private contractor that bid on government contracts in China, revealed its hackers had hacked over a dozen nations.

According to a SentinelLabs report published on Wednesday, I-Soon also gained access to colleges, the NATO military alliance, and “democracy organizations” in Hong Kong, a semi-autonomous part of China.

An unidentified person published the compromised data last week on the internet software repository GitHub. AFP was unable to quickly determine the details of the data breach.

“The leak provides some of the most concrete details seen publicly to date, revealing the maturing nature of China’s cyber espionage ecosystem,” experts at SentinelLabs said.

Malwarebytes said in a different article on Wednesday that I-Soon had successfully gained access to government buildings in South Korea, Thailand, Vietnam, and India, among other countries.

I-Soon's website was unavailable on Thursday morning, although an internet archive screenshot of the site from Tuesday states that the company is situated in Shanghai and has subsidiaries and offices in Beijing, Sichuan, Jiangsu, and Zhejiang.

According to experts, the leak includes files with conversation logs, presentations, and target lists.

Potential customers were offered access to an individual's account on the social networking site X in order to submit posts, read private messages, and keep an eye on that person's behavior.

The leak also described how the company's hackers could remotely access and take control of a user's computer, giving them the ability to run programs and see what the user writes.

Additional services included bespoke hardware, such as a powerbank that can retrieve data from a device and transmit it to hackers, and methods for breaking into Apple’s iPhone and other smartphone operating systems.

The leak also revealed I-Soon vying for contracts in Xinjiang, a province in northwest China where Beijing is suspected of holding hundreds of thousands of largely Muslim citizens in an effort to combat alleged extremism. The term “genocide” has been used by the US.

“The company listed other terrorism-related targets the company had hacked previously as evidence of their ability to perform these tasks, including targeting counterterrorism centers in Pakistan and Afghanistan,” experts at SentinelLabs said.

The leaked data also disclosed the payments that hackers may make. One such cost was $55,000 for getting into a Vietnamese government ministry.

According to the FBI, China has the largest cyber operation of any nation.

Beijing has called the allegations “groundless” and cited US cyberespionage history.

According to Malwarebytes researcher Pieter Arntz, the release would probably “rattle some cages at the infiltrated entities”.

“As such, it could possibly cause a shift in international diplomacy and expose the holes in the national security of several countries.”
