AFPi AFP https://istoedinheiro.com.br/autor/afp/ 02/22/2024 – 6:32

A Chinese cybersecurity company hacked foreign governments, social media accounts and personal computers, according to a major data breach analyzed by experts.

Documents from I-Soon, a private company competing for Chinese government tenders, reveal that hackers attacked more than 10 governments, according to cybersecurity companies SentinelLabs and Malwarebytes.

I-Soon also attacked “democratic organizations” in Hong Kong, universities and NATO, SentinelLabs researchers highlighted.

The leaked data, the content of which could not initially be verified by AFP, was published last week by an unknown party on the platform's GitHub forum.

“The leak presents some of the most concrete details ever published and reveals the maturity of the Chinese cyber espionage ecosystem,” said SentinelLabs analysts.

I-Soon managed to infiltrate government offices in India, Thailand, Vietnam and South Korea, among others, according to a message published by Malwarebytes on Wednesday.

I-Soon's website was unavailable Thursday morning, but according to an archive screenshot of the website from Tuesday, the company is headquartered in Shanghai, with subsidiaries and offices in Beijing, Sichuan, Jiangsu and Zhejiang.

The company did not respond to a request for comment from AFP.

When questioned by AFP, the Chinese Ministry of Foreign Affairs stated that it was not aware of the case.

“In principle, China vehemently opposes any type of cyberattacks and pursues them in accordance with the law,” declared the ministry’s spokeswoman, Mao Ning.

– Governments on target –

The leak, published on the internet, contains hundreds of files with records of chats, presentations and lists of targets.

Among the documents, AFP found what appears to be a list of government targets from Thailand and the United Kingdom, as well as screenshots of attempts to access individual Facebook accounts.

“As the leaked documents demonstrate, third-party service providers play a significant role in facilitating and executing many of China’s offensive operations in the cyber domain,” SentinelLabs analysts said.

In a screenshot of a messaging app, an employee appears to describe a request from a customer who wants exclusive access to “the Foreign Secretary's office, the Foreign Office's Southeast Asia office, the National Intelligence Office from the Prime Minister’s Office” and to other government departments in an unidentified country.

Analysts who examined the files said the company offered potential customers the ability to access X social network accounts, monitor their activities and read private messages.

They also highlighted that the company included hacking services for Apple's iPhone and the operating systems of other smartphone models, as well as an external battery that can extract data from a device and send it to hackers.

According to the same sources, the leak shows that I-Soon participated in contract bidding in the Chinese region of Xinjiang (northwest).

The Beijing government is accused of arresting hundreds of thousands of Muslims in this region as part of a campaign against suspected extremists, which the United States government classifies as genocide.

The leak also reveals the amounts paid to hackers, including the amount of $55,000 for a lawsuit against a Vietnamese government ministry.

A cached version of the company's website shows that I-Soon also runs an institute dedicated to “implementing the spirit of President Xi Jinping's important instructions on the development of cybersecurity.

The FBI (United States federal police) claims that China has the largest hacking program on the planet, which Beijing denies.