Massive leak shows Chinese firm hacked foreign govts, activists: analysts | Tech News

Massive leak shows Chinese firm hacked foreign govts, activists: analysts

A Chinese tech security firm was able to breach foreign governments, infiltrate social media accounts and hack personal computers, a massive data leak analysed by experts this week revealed.

By:AFP
| Updated on: Feb 22 2024, 20:23 IST
NASA Boeing Crew Flight Test mission set to launch historic Starliner spacecraft with astronauts
Chinese tech security firm
1/7 Join NASA in witnessing a milestone moment as part of the Commercial Crew Program- the launch of NASA's Boeing Crew Flight Test to the International Space Station (ISS). This mission marks Boeing's inaugural crewed flight aboard the Starliner spacecraft. (NASA)
image caption
2/7 NASA astronauts Butch Wilmore and Suni Williams will take off on this historic journey aboard the Starliner, to be launched by a United Launch Alliance Atlas V rocket. Their destination: the ISS, where they will spend up to two weeks conducting vital tests and experiments. (NASA)
image caption
3/7 Mission Details: Scheduled for liftoff in mid-April 2024 from Space Launch Complex-41 at Cape Canaveral Space Force Station in Florida, the mission will evaluate the end-to-end capabilities of the Starliner system. This includes the launch, docking, and the spacecraft's return to Earth in the western United States desert. (@NASAKennedy)
image caption
4/7 Certification Process: Following a successful mission, NASA will initiate the final certification process for the Starliner and its systems, paving the way for future crewed missions to the ISS. The outcome of this mission is crucial for the continued success of NASA's Commercial Crew Program. (NASA)
image caption
5/7 Exclusive Photo Opportunity: U.S. media has the opportunity to apply for a unique photo opportunity during the rollout of the Starliner spacecraft from Boeing's Commercial Cargo and Processing Facility at NASA's Kennedy Space Center in Florida. This event is scheduled for early April, adding an extra layer of excitement to the pre-launch preparations. (NASA)
image caption
6/7 For those eager to be part of the action, NASA Social registration opens on Wednesday, Feb. 21, and closes at 3 p.m. EST on Tuesday, Feb. 27. This is a chance to engage with the mission online using #NASASocial. Registration is limited to U.S. citizens or permanent residents. (NASA)
image caption
7/7 How to Watch and What's Next:  If you can't attend in person, don't worry! The launch will be broadcast on NASA Television and www.nasa.gov/nasatv/. Follow regular updates on @NASA, @NASAKennedy, and @Commercial_Crew. Stay tuned for more NASA Socials in the future, and watch for confirmation emails regarding your registration status by March 1. (NASA)
Chinese tech security firm
icon View all Images
Chinese tech security firm I-Soon breached governments, social media accounts, and personal computers, revealing China's cyber espionage ecosystem maturity. (AFP)

A Chinese tech security firm was able to breach foreign governments, infiltrate social media accounts and hack personal computers, a massive data leak analysed by experts this week revealed.

The trove of documents from I-Soon, a private company that competed for Chinese government contracts, shows that its hackers compromised more than a dozen governments, according to cybersecurity firms SentinelLabs and Malwarebytes.

I-Soon also breached "democracy organisations" in China's semi-autonomous city of Hong Kong, universities and the NATO military alliance, SentinelLabs researchers wrote in a blog post Wednesday.

The leaked data, the contents of which AFP was unable to immediately verify, was posted last week on the online software repository GitHub by an unknown individual.

"The leak provides some of the most concrete details seen publicly to date, revealing the maturing nature of China's cyber espionage ecosystem," SentinelLabs analysts said.

I-Soon was able to breach government offices in India, Thailand, Vietnam and South Korea, among others, Malwarebytes said in a separate post on Wednesday.

I-Soon's website was not available Thursday morning, though an internet archive snapshot of the site from Tuesday says it is based in Shanghai, with subsidiaries and offices in Beijing, Sichuan, Jiangsu and Zhejiang.

The firm did not reply to a request for comment.

Asked by AFP on Thursday about whether Beijing contracted hackers, China's foreign ministry said it was "not aware" of the case.

"As a principle, China firmly opposes all forms of cyberattacks and cracks down on them in accordance with law," spokesperson Mao Ning said.

Hacks for contracts

The leak contains hundreds of files showing chatlogs, presentations and lists of targets.

AFP found what appeared to be lists of Thai and UK government departments among the leaks, as well as screenshots of attempts to log into an individual's Facebook account.

Other screenshots showed arguments between an employee and a supervisor over salaries, as well as a document describing software aimed at accessing a target's Outlook emails.

"As demonstrated by the leaked documents, third-party contractors play a significant role in facilitating and executing many of China's offensive operations in the cyber domain," SentinelLabs analysts said.

In one screenshot of a chat app conversation, someone describes a client request for exclusive access to the "foreign secretary's office, foreign ministry's ASEAN office, prime minister's office national intelligence agency" and other government departments of an unnamed country.

Analysts who examined the files said the company also offered potential clients the ability to break into accounts of individuals on social media platform X -- monitoring their activity, reading their private messages, and sending posts.

It also laid out how the firm's hackers could access and take over a person's computer remotely, allowing them to execute commands and monitor what they type.

Other services included ways to breach Apple's iPhone and other smartphone operating systems, as well as custom hardware -- including a powerbank that can extract data from a device and send it to the hackers.

Xinjiang ties

Analysts said the leak also showed I-Soon bidding for contracts in China's northwestern region of Xinjiang, where Beijing stands accused of detaining hundreds of thousands of mostly Muslim people as part of a campaign against alleged extremism. The United States has called it a genocide.

"The company listed other terrorism-related targets the company had hacked previously as evidence of their ability to perform these tasks, including targeting counterterrorism centers in Pakistan and Afghanistan," SentinelLabs analysts said.

The leaked data also revealed the fees that hackers could earn, they said, including $55,000 from breaking into a government ministry in Vietnam.

A cached version of the company's website showed the firm also runs an institute dedicated to "implementing the spirit" of President Xi Jinping's "important instructions" on developing cybersecurity education and expertise.

The FBI has said that China has the biggest hacking programme of any country.

Beijing has dismissed the claims as "groundless" and pointed to the United States's own history of cyber espionage.

Pieter Arntz, a researcher at Malwarebytes, said the leak will likely "rattle some cages at the infiltrated entities".

"As such, it could possibly cause a shift in international diplomacy and expose the holes in the national security of several countries."

Also read other top stories today:

Demand for Deepfake regulation! Artificial intelligence experts and industry executives, including ‘AI godfather' Yoshua Bengio, have signed an open letter calling for more regulation around the creation of deepfakes. Some interesting details in this article. Check it out here.

Sora raises fears! Since OpenAI rolled out its text-to-video AI generation platform, leading content creators are fearing if they are the latest professionals about to be replaced by algorithms. Check out all the details here.

Microsoft to build a home-grown processor! Microsoft has become a customer of Intel's made-to-order chip business. The company will use Intel's 18A manufacturing technology to make a forthcoming chip that the software maker designed in-house. Read all about it here.

One more thing! We are now on WhatsApp Channels! Follow us there so you never miss any updates from the world of technology. ‎To follow the HT Tech channel on WhatsApp, click here to join now!

 

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 22 Feb, 20:23 IST
Tags:
NEXT ARTICLE BEGINS