![]() The leak also paints a less-than-flattering picture of the day-to-day goings-on at a mid-level Chinese cybersecurity firm.Įmployees’ chats are full of complaints about office politics, lack of basic tech expertise, poor pay and management, and the challenges the company faced in securing clients. I-Soon also boasts of a technique to bypass two-step authentication – a common login technique that offers an extra level of security to the account. ![]() One service offered is a tool that allows clients to break into accounts on social media platform X, formerly Twitter, claiming to be able to obtain the phone number of a user and break into their private messages. In one screenshot of a conversation, someone describes a client request for exclusive access to the “foreign secretary’s office, foreign ministry’s ASEAN office, prime minister’s office, national intelligence agency” and other government departments of an unnamed country. ![]() Other services included ways to breach Apple’s iPhone and other smartphone operating systems, as well as custom hardware – including a power bank that can extract data from a device and send it to the hackers. It also laid out how the firm’s hackers could access and take over a person’s computer remotely, allowing them to execute commands and monitor what they type, known as key logging. “At the moment, the trojan horses are mainly customised for Beijing’s state security department,” one said. In their chats, I-Soon staffers told colleagues their main focuses were making “Trojan horses” – malware disguised as legitimate software that allows hackers access to private data – and building databases of personal information. ![]() “Everyone thinks of Xinjiang like a nice big cake … but we have suffered too much there,” one wrote. But workers complained about the challenges of doing business in the tense region. There were also references to a client in Xinjiang, where Beijing is accused of grave human rights abuses. There were references to official corruption: in one chat, salesmen discussed selling the company’s products to police – and planned to give kickbacks to those involved in the sale. The firm also offered clients help protecting their devices from hacking and securing their communications – with many of their contracts listed as “non-secret”. Judging from the leaks, most of I-Soon’s customers were provincial or local police departments – as well as province-level state security agencies responsible for protecting the Communist party from perceived threats to its rule. Other targets are domestic, from China’s north-western region of Xinjiang to Tibet and from illegal pornography to gambling rings. But they also admitted to having lost access to some of their data seized from government agencies in Myanmar and South Korea. And they claimed to have secured back-end access to higher education institutions in Hong Kong and self-ruled Taiwan, which China claims as part of its territory. They named the government of India – a geopolitical rival of Beijing’s – as a key target for “infiltration”. I-Soon staff also boasted in leaked chats that they secured access to telecom service providers in Pakistan, Kazakhstan, Mongolia, Thailand and Malaysia, among others. There are long lists of targets, from British government departments to Thai ministries. Government agencies of China’s neighbours, including Kyrgyzstan, Thailand, Cambodia, Mongolia and Vietnam, had websites or email servers compromised, the leak revealed. Every day, workers at I-Soon were targeting big fish.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |