Leaked documents show Chinese cyber intrusions in Malaysia, 20 other territories

Leaked documents show Chinese cyber intrusions in Malaysia, 20 other territories

A cache of over 570 files including images and chat logs reveals contracts for the extraction of foreign data over eight years.

A cache of several hundred files which surfaced on Github last week has unveiled the inner workings of iSoon, a Chinese firm providing hacking and data-gathering services.
PETALING JAYA:
Leaked documents from a Chinese state-linked hacking group have revealed extensive cyber intrusions in at least 20 foreign governments and territories, including Malaysia.

The cache included over 570 files, images, and chat logs revealing details about iSoon, a Chinese firm providing hacking and data-gathering services to government agencies, security groups, and state-owned enterprises.

The files, which surfaced on Github last week, also revealed contracts for the extraction of foreign data over eight years, with Malaysia identified as one of the targeted territories, the Washington Post reported.

Cybersecurity experts who spoke to the US daily said the files were credible, noting the rarity of such unrestricted access to intelligence operation details.

“We have every reason to believe this is the authentic data of a contractor supporting global and domestic cyberespionage operations out of China,” John Hultquist, chief analyst of Mandiant Intelligence, a cybersecurity firm owned by Google Cloud, was quoted as saying.

The leaked files included a spreadsheet revealing the successful breaches of overseas targets, including 95.2 gigabytes of immigration data from India and a three-terabyte collection of call logs from South Korea’s LG U Plus telecom provider.

The firm also targeted telecommunications firms in Malaysia, among other countries.

The leaked documents also included product manuals detailing services for hacking into Microsoft, Apple, and Twitter accounts, among others.

One document promoted an iSoon package that claimed to enable clients to secretly control Microsoft Outlook and Hotmail accounts by bypassing authentication protocols.

“Information has increasingly become the lifeblood of a country and one of the resources that countries are scrambling to seize. In information warfare, stealing enemy information and destroying enemy information systems have become the key to defeating the enemy,” it said.

iSoon not only established long-term agreements but also responded to on-demand requests from smaller Chinese cities and private companies.

In one chat exchange, an iSoon employee responded to a request from a state security bureau in southern China seeking information on Hong Kong by suggesting emails from Malaysia as an alternative source.

FMT has reached out to the digital ministry for comment.

Stay current - Follow FMT on WhatsApp, Google news and Telegram

Subscribe to our newsletter and get news delivered to your mailbox.