Leaked documents posted online last week show how the Chinese government is working with private hackers to obtain sensitive information from foreign governments and companies.
The hackers worked for a security firm called I-Soon, part of a network of spies for hire working closely with Beijing.
The leak showed how China’s top surveillance agency, the Ministry of Public Security, has increasingly recruited contractors to attack government targets and private companies as part of a cyberespionage campaign in Asia. The leak is likely to stoke fears among leaders in Washington who have warned against such attacks in the United States.
What information was revealed?
I-Soon targeted telecommunications firms, online gambling companies and local governments throughout Asia. Its hackers were able to get private information including:
-
records from a Vietnamese airline, with the identities of travelers.
-
personal information from accounts on platforms like Telegram and Facebook.
-
access to the private website of traffic police in Vietnam.
-
software that helped run disinformation campaigns and hack accounts on X.
The leak also included internal discussions at I-Soon, reflecting a grinding workplace and efforts by the company to market its services to the government. I-Soon is one of hundreds of private companies that support China’s hacking efforts through the sale of espionage services and stolen data.
How was the information sold?
I-Soon, a private security contractor, billed the Chinese government as little as $15,000 for access to the private website of traffic police in Vietnam and as much as $278,000 for access to personal information from social media sites. China has a long history of suppressing dissent among its citizens through surveillance.
The leaks were posted publicly on GitHub, a software platform where programmers share code. Vital information has been leaked on the forum before, including source code from X.