China’s hired hackers: a massive cybersecurity breach exposing China’s operations

China’s hired hackers: a massive cybersecurity breach exposing China’s operations

Leaked files reveal a variety of services available for purchase, including information obtained from targets across the globe. According to a significant data leak from a Chinese cybersecurity company, state security agents are paying tens of thousands of pounds to gather data on targets, including foreign governments. Meanwhile, hackers are gathering massive amounts of data on any individual or organization that could be of interest to their potential clients.

It’s believed that over 500 files have been leaked worldwide

Cybersecurity experts believe the cache of over 500 leaked files from the Chinese company I-Soon, which was uploaded on the Github developer website, to be authentic. NATO and the UK Foreign Office are a couple of the suggested targets.

More than a year ago, in an unprecedented joint address, the FBI and MI5 leaders warned about the issue of Chinese spying, asking for upgraded security measures. At that time, the two agencies said that they were voicing a new concern about the Chinese government and informing corporate executives that Bejing was intent on stealing their technology in order to obtain a competitive advantage.

The files, a collection from chat logs, business prospectuses, and data samples, show the scope of China’s intelligence-collecting activities and the challenges that the nation’s commercial hackers face in the competitive market. China is currently experiencing a downturn in its economy.

i-SOON
i-SOON

I-Soon and Chengdu 404 have been in dispute over one company using the other company’s tools to hack

I-Soon seems to have collaborated with Chengdu 404, another Chinese hacking group, and became involved in a business dispute with them later. The US Department of Justice has charged Chengdu 404’s hackers for using their tools to launch cyberattacks against US companies and pro-democracy activists in Hong Kong, among other targets.

The other targets mentioned in the I-Soon disclosures are the British research tank Chatham House, the Association of Southeast Asian Nations (ASEAN) countries’ foreign affairs ministries, and public health bureaus. While some of this data appears to have been collected indiscriminately, other instances involve specific contracts with the Chinese Public Security Bureau to collect particular kinds of data.

“We are aware of this data coming to light and are naturally concerned,” a Chatham House spokeswoman stated. We have precautions in place to protect you, including technological ones that are regularly examined and updated.

“The alliance faces persistent cyberthreats and has prepared for this by investing in extensive cyber defenses,” a NATO official stated. NATO examines each allegation of a cyberthreat. However, the UK Foreign Office chose not to respond,

I-Soon provides a wide range of services. In one instance, Shandong City’s public security department paid about £44,000 to gain a year’s worth of access to the email accounts of ten targets. The I-Soon business also asserted that it could breach many operating systems, including Mac and Android, access personal data from Facebook, hijack accounts on X, and obtain data from corporate databases.

Featured Image Credit: Photo by Yaroslav Shuraev; Pexels

Deanna Ritchie

Managing Editor at ReadWrite

Deanna is an editor at ReadWrite. Previously she worked as the Editor in Chief for Startup Grind, Editor in Chief for Calendar, editor at Entrepreneur media, and has over 20+ years of experience in content management and content development.

The post “China’s hired hackers: a massive cybersecurity breach exposing China’s operations” by Deanna Ritchie was published on 02/23/2024 by readwrite.com