Skip to content
Search

Latest Stories

Massive leak shows Chinese firm hacked Indian govt offices: analysts

Chinese hackers were able to breach government offices in India, Thailand, Vietnam, and South Korea, among others. They also targeted Chinese dissidents

Massive leak shows Chinese firm hacked Indian govt offices: analysts

A Chinese tech security firm was able to breach foreign governments, including India, infiltrate social media accounts, and hack personal computers, a massive data leak analysed by experts this week revealed.

The trove of documents from I-Soon, a private company that competed for Chinese government contracts, shows that its hackers compromised more than a dozen governments, according to cybersecurity firms SentinelLabs and Malwarebytes.


I-Soon was able to breach government offices in India, Thailand, Vietnam and South Korea, among others, Malwarebytes said in a post on Wednesday.

India Today reports that the hackers targeted key offices of the Indian government, including the finance ministry, external affairs ministry, home ministry, and prime minister's office. It also targeted Indian businesses like Reliance Industries Limited and Air India, owned by the Tata group.

Among the leaked files, AFP found what appeared to be lists of Thai and UK government departments.

I-Soon also breached "democracy organisations" in China's semi-autonomous city of Hong Kong, universities and the NATO military alliance, SentinelLabs researchers wrote in a separate blog post on Wednesday.

The leaked data, the contents of which AFP was unable to immediately verify, was posted last week on the online software repository GitHub by an unknown individual.

"The leak provides some of the most concrete details seen publicly to date, revealing the maturing nature of China's cyber espionage ecosystem," SentinelLabs analysts said.

I-Soon's website was not available Thursday morning, though an internet archive snapshot of the site from Tuesday says it is based in Shanghai, with subsidiaries and offices in Beijing, Sichuan, Jiangsu and Zhejiang.

The firm did not reply to a request for comment.

Asked by AFP on Thursday about whether Beijing contracted hackers, China's foreign ministry said it was "not aware" of the case.

"As a principle, China firmly opposes all forms of cyberattacks and cracks down on them in accordance with law," spokesperson Mao Ning said.

Hacks for contracts

The leak contains hundreds of files showing chatlogs, presentations and lists of targets.

AFP found screenshots of attempts to log into an individual's Facebook account.

Other screenshots showed arguments between an employee and a supervisor over salaries, as well as a document describing software aimed at accessing a target's Outlook emails.

"As demonstrated by the leaked documents, third-party contractors play a significant role in facilitating and executing many of China's offensive operations in the cyber domain," SentinelLabs analysts said.

In one screenshot of a chat app conversation, someone describes a client request for exclusive access to the "foreign secretary's office, foreign ministry's ASEAN office, prime minister's office national intelligence agency" and other government departments of an unnamed country.

Analysts who examined the files said the company also offered potential clients the ability to break into accounts of individuals on social media platform X - monitoring their activity, reading their private messages, and sending posts.

It also laid out how the firm's hackers could access and take over a person's computer remotely, allowing them to execute commands and monitor what they type.

Other services included ways to breach Apple's iPhone and other smartphone operating systems, as well as custom hardware - including a power bank that can extract data from a device and send it to the hackers.

Xinjiang ties

Analysts said the leak also showed I-Soon bidding for contracts in China's northwestern region of Xinjiang, where Beijing stands accused of detaining hundreds of thousands of mostly Muslim people as part of a campaign against alleged extremism. The United States has called it a genocide.

"The company listed other terrorism-related targets the company had hacked previously as evidence of their ability to perform these tasks, including targeting counterterrorism centers in Pakistan and Afghanistan," SentinelLabs analysts said.

The leaked data also revealed the fees that hackers could earn, they said, including $55,000 from breaking into a government ministry in Vietnam.

A cached version of the company's website showed the firm also runs an institute dedicated to "implementing the spirit" of President Xi Jinping's "important instructions" on developing cybersecurity education and expertise.

The FBI has said that China has the biggest hacking programme of any country.

Beijing has dismissed the claims as "groundless" and pointed to the United States's history of cyber espionage.

On the other hand, some Chinese cybersecurity firms had recently alleged that there have been a series of cyberattacks originating from India, reports South China Morning Post.

Pieter Arntz, a researcher at Malwarebytes, said the leak will likely "rattle some cages at the infiltrated entities".

"As such, it could cause a shift in international diplomacy and expose the holes in the national security of several countries." (Agencies)

More For You

modi-bjp-reuters

BJP supporters celebrate in New Delhi. (Photo: Reuters)

Modi's BJP wins Delhi assembly election after 27 years

INDIAN prime minister Narendra Modi said on Saturday that "development had won" as his Bharatiya Janata Party (BJP) secured victory in Delhi’s local elections, ending a 27-year gap since it last controlled the capital’s legislature.

"Development has won, good governance has won," Modi said after Delhi’s former chief minister, a key opposition leader, conceded defeat.

Keep ReadingShow less
Uganda-high-commission-event

The event also focused on Uganda’s role in cultural diplomacy and sustainable development.

Uganda high commission hosts heritage event in London

THE UGANDA high commission in London hosted an event highlighting Uganda’s cultural heritage and investment opportunities at the International Maritime Organization (IMO) Building. The event featured a performance by the Watoto Children’s Choir.

Uganda’s high commissioner to the UK, Nimisha J Madhvani, addressed the gathering, welcoming guests and speaking about the country’s cultural diversity.

Keep ReadingShow less
Maha-kumbh-pilgrims-reuters

Devotees arrive at the river bank to take a holy dip at Sangam during the Maha Kumbh Mela in Prayagraj, India on January 28, 2025. (Photo: Reuters)

India says 420 million pilgrims have visited Maha Kumbh

INDIA’s government announced on Friday that more than 420 million pilgrims have taken part in ritual bathing at the Maha Kumbh, a Hindu religious festival.

Organisers say the estimate is based on artificial intelligence and surveillance cameras used to track attendance.

Keep ReadingShow less
Bird-flu-Getty

There have been 27 confirmed cases of bird flu in England and one in Scotland during the current outbreak. (Representational image: Getty Images)

England bans 'bird gatherings' to contain avian flu spread

THE GOVERNMENT has announced a ban on "bird gatherings" in England as part of efforts to contain the spread of avian influenza.

The ban, which comes into effect from midday on Monday, will apply to fairs, markets, and shows involving various bird species.

Keep ReadingShow less
Matt-Jukes-Getty

Matt Jukes, the UK’s head of counterterrorism, has called for a social media ban for children under 16. (Photo: Getty Images)

Nine-year-old among youngest referred for far-right deradicalisation

A UK charity working to counter far-right radicalisation has seen children as young as nine referred for support.

Exit Hate UK, which helps individuals leave extremist movements, said its youngest-ever referral was nine years old, with the average age of those seeking help being about 15, according to The Times.

Keep ReadingShow less