Jump to content

I-Soon leak

Edit links
From Wikipedia, the free encyclopedia
(Redirected from I-Soon)
The Rewards for Justice Program of the U.S. State Department offers US$10 Million for information of i-Soon staff following the leak

On 16 February 2024, a series of documents from Chinese information company i-Soon (Chinese: 安洵信息) were leaked on GitHub. The documents showed that the company emerged with several hacking and cyber ​​espionage activities with the Chinese government. After the leak, the Chinese government's role in cyberwarfare and its connection with private Internet companies became the focus of international attention and media investigation.

Leak and investigation

[edit]

On 21 February 2024, TeamT5 (Chinese: 杜浦數位安全), a Taiwanese cybersecurity group, found an unknown link and downloaded it, and found it was a leak from a Chinese information company called "i-Soon". The company served as a contractor to the Ministry of State Security, Ministry of Public Security, and People's Liberation Army.[1] The leaked content includes various contracts, internal meeting records, and cyber attack techniques. It also revealed the company's collaboration with the Chinese government and a hacker group "APT41",[2] involvement in cyber espionage, and its internal problems.[3][4][5]

The leaked documents also indicated that i-Soon hacked into government systems, telecommunications companies, and non-governmental organization websites in Asian and European countries to gain access and steal their data. The main targets included India, Hong Kong, Taiwan, South Korea, and Malaysia.[6][7][8] Some further reports found that their target were extended to the United Kingdom, the Czech Republic, the European Union, and the United States.[9][10] In addition, the documents showed that i-Soon had deceived the Chinese government and their internal issues, including financial problems, product quality, and low wages and treatments against its employees.[3]

The BBC and the NHK launched their own independent investigation into the documents and concluded that the documents were authentic.[9][11] The NHK reporters have visited the i-Soon office, only to find it was already empty.[11] The NHK published a documentary of their investigation in September 2024. In the documentary, the NHK found the company had close ties with the Chinese "People's Police". The time when the target was discussed matched the time when the target was attacked. NHK also found that i-Soon had provided a detailed manual for Twitter to manipulate its public opinion. The documentary used Fukushima radioactive water discharge and controversy of importing Indian workers to Taiwan as examples of how China triggers cognitive warfare by spreading misinformation.[5][11]

In March 2025, the United States Attorney's Office of the Southern District of New York and the District of Columbia prosecuted several persons involved with i-Soon for their malicious activities. The United States Department of Commerce sized the company's domain and VPS. The department also issued a sanction against the company.[10][12]

Reaction

[edit]

The Ministry of Foreign Affairs of the People's Republic of China denied the attack, stating that China "opposes and punishes any form of cyber attacks in accordance with the law". Le Monde doubts the ministry's denial and believes it is not convictable since the evidence is quite clear.[2] Julian Ku, legal scholar of Hofstra University, said hiring private companies to help with national security and cyberattacks is "inexpensive and effective". Chris Balding, an American economist, said the leak was not surprising, despite being quite noticeable.[13] Deng Haiyan, the former officer of the People's Police, indicated that the Chinese government hires private companies is because its limited manpower and technical capabilities. A former Weibo staff said the hacking activities are for manipulating public opinion and suppressing dissenting voices by disrupting or harassing them.[5][11]

See also

[edit]

References

[edit]
  1. ^ Sepherd, Christian; Cadell, Cate; Nakashima, Ellen; Menn, Joseph; Aaron, Schaffer (February 21, 2024). "Leaked files from Chinese firm show vast international hacking effort". The Washington Post. Retrieved May 27, 2025.
  2. ^ a b 阿曼亭 (2024-02-24). "中国否认和安洵有任何联系,但谁信呢?". 法国国际广播电台 (in Chinese). Archived from the original on 2024-03-02. Retrieved 2024-02-24.
  3. ^ a b Vicens, AJ (2024-02-21). "Leaked documents show how firm supports Chinese hacking operations". CyberScoop. Retrieved 2025-05-20.
  4. ^ 周峻佑 (2024-02-24). "中國資安業者安洵信息內部資料在GitHub公開,曝露中國政府對全球各地的網路間諜攻擊手段,引起各界高度關注". iThome (in Traditional Chinese). Archived from the original on 2024-05-24. Retrieved 2025-05-20.
  5. ^ a b c 陳詩童 (2024-10-21). "NHK調查「安洵資訊」外洩文件 揭中國散播假訊息手法". 公視新聞網 (in Chinese). Retrieved 2025-05-20.
  6. ^ "待价而沽的黑客:中国大规模网络泄露事件暴露了什么?". 美国之音 (in Chinese). 2024-02-24. Archived from the original on 2024-04-02. Retrieved 2024-02-24.
  7. ^ "日媒報道|安洵文件洩漏事件 揭中國認知戰手段 網路傳謠致台灣民眾示威". 光傳媒 (in Chinese). 2024-10-21. Retrieved 2025-05-20.
  8. ^ 孟建国; Bradsher, Keith; Liu, John; Krolik, Aaron (2024-10-23). "中国招揽黑客的隐秘世界:安洵文件泄露事件揭示了什么". 纽约时报中文网 (in Chinese). Retrieved 2025-05-20.
  9. ^ a b Cheetham, Joshua; Palumbo, Daniele; Corera, Gordon (2024-02-23). "安洵文件泄露:中国科技公司声称可帮客户黑入英国外交部". BBC News 中文 (in Chinese). Archived from the original on 2024-03-08. Retrieved 2024-02-24.
  10. ^ a b 周峻佑 (2025-03-06). "美國起訴中國資安業者安洵信息的員工,並指控該公司為中國軍情單位提供駭客服務". iThome (in Traditional Chinese). Retrieved 2025-05-21.
  11. ^ a b c d 戴雅真 (2024-10-21). "NHK追溯安洵外洩文件點名台灣 分析中國認知戰操控輿論手段". 中央社 (in Chinese). Retrieved 2025-05-20.
  12. ^ 陳怡菱 (2025-03-08). "美國起訴12名中國駭客傭兵 揭中國借私企「安洵」掩飾政府惡意網攻". Newtalk新聞 (in Chinese). Retrieved 2025-05-21.
  13. ^ 文灏; 许宁 (2024-02-24). "推特上的中国:专家称安洵文件内容证实对中国网络行动的猜测". 美国之音 (in Chinese). Archived from the original on 2024-02-24. Retrieved 2024-02-24.

Further reading

[edit]
[edit]
Wikimedia Commons has media related to I-Soon leak.
Retrieved from "https://en.wikipedia.org/w/index.php?title=I-Soon_leak&oldid=1292658464"