Recently, a significant data leak surfaced on GitHub, exposing insights into China’s advancing cyber espionage capabilities. While the exact contents of the leak remain unidentified by AFP, analysts from SentinelLabs assert that it provides concrete details illustrating the sophistication of China’s cyber espionage activities.
The leaked data, attributed to a group known as I-Soon, reportedly reveals breaches of government offices across various countries, including India, Thailand, Vietnam, and South Korea. This information was corroborated by findings from Malwarebytes, although the website associated with I-Soon was inaccessible at the time of reporting.
Although I-Soon’s website was unavailable, archived data indicates that the group is based in Shanghai, with additional offices scattered across China. The leaked information encompasses chat logs, presentations, and target lists, offering valuable insights into the group’s operations and strategies.
Among the services purportedly offered by I-Soon are methods for infiltrating social media accounts, remotely controlling computers, and breaching smartphone operating systems. Notably, they also offer custom hardware like a power bank capable of extracting data from devices.
Additionally, the leaked documents shed light on I-Soon’s involvement in bidding for contracts in China’s Xinjiang region, where reports of human rights abuses have emerged.
Analysts also discovered details regarding the fees hackers could earn through various cyber operations, such as a reported $55,000 for breaching a government ministry in Vietnam.
These revelations come amidst ongoing scrutiny over China’s cyber activities, with the FBI previously highlighting the country’s extensive hacking operations. However, China has consistently denied such allegations, often pointing to the United States’ own history of cyber espionage.
Pieter Arntz, a researcher at Malwarebytes, emphasized the potential implications of the leak, suggesting it could prompt shifts in international diplomacy and expose vulnerabilities in national security systems.