In a massive development, China has been left exposed after a Sanghai-based cybersecurity agency suffered a massive data leak that contained its communication with the Xi Jinping government. Chinese firm I-Soon has mistakenly exposed Beijing's notorious plan to hit its non-allies like India, Nigeria, the UK, and especially NATO with a group of hackers. To be precise, US media reports suggest that a cache of more than 500 leaked files from the Chinese firm I-Soon was posted on the developer website Github and is thought by cybersecurity experts to be genuine. Some of the targets discussed include NATO and the UK Foreign Office.
Going by I-Soon leaked data, it can be said that China's state security agents are paying tens of thousands of dollars to harvest data on targets, including foreign governments, while hackers hoover up huge amounts of information on any person or institution that might be of interest to their prospective clients.
Before talking more about leaked I-Soon data, the company is Shanghai-based (also transliterated from the Mandarin as Auxun), is believed to be one of the many private contractors that help the Chinese Communist Party (CCP) to conduct its intelligence-gathering, hacking, and other surveillance activities.
From where i-Soon's data leak?
John Hultquist, the Chief Threat Analyst of Google’s Mandiant cybersecurity division was quoted by a newswire who informed that the source of the leak could be “a rival intelligence service, a dissatisfied insider, or even a rival contractor.” He added that the company I-Soon’s sponsors are likely to be China’s Ministry of State Security, which is the state intelligence and security agency, and the Chinese military, called the People’s Liberation Army (PLA).
As per reports, I-Soon leaked data possesses emails, images, conversations, and thousands of documents. As per The Washington Post, they "detail contracts to extract foreign data over eight years and describe targets within at least 20 foreign governments and territories, including India, Hong Kong, Thailand, South Korea, the United Kingdom, Taiwan, and Malaysia".
A user named Byron Wan shared China cybersecurity leaked data and also described it in detail. Sharing one of the file Bryon wrote, " files 44 and 46 contain tables enumerating data samples from targets — telcos, universities, government departments such as foreign ministries, hospitals, etc — in various countries including Afghanistan, India, Indonesia, Thailand, Myanmar, Vietnam, Malaysia, Pakistan, Hong Kong, Mongolia, Taiwan, Turkey, Nepal, Nigeria, Rwanda, France, Cambodia, Egypt, Kazakhstan, Kyrgyzstan, the Philippines and South Korea…"
"Service offerings of (China) include penetration into specific targets and intelligence collection targeting countries such as India and Nepal, among others (file 59)..some internal files — mostly employee chat records in 2020-2022 — of 🇨🇳 security solutions company (with cyberespionage capabilities) I-SOON ...have been leaked on Github… ..I-SOON has links with APT41 possibly as a contractor .. files 21-38 contain info / documents about various I-SOON products.. file 31 mentions a system that aims to monitor tweets and shape / influence / control public opinions ... on Twitter (attached screenshots)..file 32 talks about a system that targets Windows.. files 39-60 talk about I-SOON breaking into government, military and other entities in various countries including Thailand, India, Vietnam, Brunei, Kyrgyzstan, North Macedonia, NATO, etc..files 61-65 include employees directory and other employee info."