Trove of leaked documents 'reveal scale of Chinese state-linked hacking operation targeting UK government and other Western allies by exploiting weaknesses in software from big tech firms including Microsoft, Apple and Google'

A trove of newly leaked documents has revealed a sophisticated hacking operation backed by the Chinese government that has targeted the UK and other Western states. 

The cache of over 570 documents, images and chat logs was leaked from i-Soon, also known as Anxun, a private tech firm that claims to be able to exploit vulnerabilities in software from major tech companies including Microsoft, Apple and Google at the behest of the Chinese government.

The files, posted to code-sharing platform GitHub last week, show i-Soon’s contracts with the Chinese government going back eight years to target at least 20 foreign governments, including the UK.

Employees of i-Soon, which is based in Shanghai and sells third-party hacking and data-gathering services, were found to have discussed the UK’s Home and Foreign Offices, as well as the Treasury.

Also on the list were renowned think-tanks Chatham House and the International Institute for Strategic Studies, both of which are headquartered in London and have strong links to the UK government. 

Also in the sights of the hacking operation was NATO, with many chat logs describing the sale of unspecified data related to the bloc in 2022. 

It is not clear from the logs, which have been reviewed by MailOnline, what the data relates to, or how it was extracted.  

The leaked documents also show that hackers targeted commercial interests across the world, with one hack managing to steal a three-terabyte collection of call logs from a South Korean telecommunications company.

The group also targeted telecoms firms in Hong Kong, Nepal, Kazakhstan, Malaysia, Mongolia and Taiwan. 

All pieces of software have some level of vulnerability, and there is now a complex economic ecosystem of companies and individuals who can make vast amounts of money finding them and selling software that can exploit them. 

In the cybersecurity world, actors who find vulnerabilities and sell the information back to the author of the software, with the intention of allowing them to patch it, are known as ‘white-hat hackers’, while those who sell exploits to others with the intention of facilitating a breach are known as ‘black-hat hackers.’ 

The Washington Post reported that i-Soon is one of many companies that make up the ‘patriotic’ hacking ecosystem that has been established and grown over the last two decades. 

The company now works for key government departments, including the Ministry of Public Security, the Ministry of State Security and the People’s Liberation Army.

One document showed that i-Soon has signed hundreds of deals with Chinese police forces that range from just £1,100 all the way up to £634,000. 

A leaked product guide boasts of the company’s ability to steal data without being detected. 

One document, which describes a service that i-Soon claims allows clients to covertly access and control Microsoft Outlook and Hotmail accounts, reads: ‘Information has increasingly become the lifeblood of a country and one of the resources that countries are scrambling to seize. In information warfare, stealing enemy information and destroying enemy information systems have become the key to defeating the enemy.’

The company also advertises a £20,000 service that claims to allow users to obtain information from iPhones, including ‘basic mobile phone information, GPS positioning, mobile phone contacts’ and ‘environment recording’ using a ‘remote access’ control system. 

China’s growing confidence in its ability to conduct cyber attacks against its adversaries is well documented, with the FBI’s director warning that China’s cyber attacks have grown to a ‘scale greater than we’d seen before.’

Christopher Wray said Beijing’s plan to secretly plant technology inside the US critical infrastructure has become a significant threat to national security.

source: dailymail.co.uk