Data leak exposes Chinese firm’s cyber intrusion into Indian govt offices, other foreign companies

Story highlights

A massive data leak showed that a Chinese technology firm I-Soon hacked Indian government offices as well as institutions in various other nations, media reports said citing a large data leak confirmed as legitimate by experts.

The leaked documents, attributed to I-Soon, shed light on the extent of the breach, indicating a sophisticated operation that penetrated numerous foreign governments, social media platforms, and personal computing systems.

Cybersecurity firms SentinelLabs and Malwarebytes, delving into the leaked data, uncovered evidence of I-Soon’s incursions into over a dozen governments, as well as democratic organisations in Hong Kong, universities, and even the NATO military alliance.

While the exact contents of the leaked data remain undisclosed, they were made public last week on GitHub by an anonymous individual, offering unprecedented insights into China’s evolving cyber espionage capabilities, according to analysts at SentinelLabs.

According to Malwarebytes, I-Soon’s targets extended beyond India to include government entities in Thailand, Vietnam, and South Korea, among others.

I-Soon’s website is inaccessible but archived information reportedly suggested its headquarters in Shanghai, with additional branches across China.

The leaked files purportedly contain chat logs, presentations, and lists of targeted entities, illustrating the hacking by I-Soon, from infiltrating social media accounts to remotely controlling personal computers.

Notably, the leaked data also revealed I-Soon’s involvement in bidding for contracts in China’s Xinjiang region, amidst international scrutiny over Beijing’s treatment of Uyghur Muslims in the region. 

(With inputs from agencies)