Type to search

China Facing a WikiLeaks-Style Crisis From Hacking Firm’s Data

The data gives unprecedented insight into China’s hacking campaigns and appears to confirm repeated warnings by the FBI about the vast scale of Beijing’s hacking operations

China hacking
The leaked China hacker files detail contracts and targets in about 20 countries and foreign governments, including many of Beijing's neighbours and allies in Asia. Image via Freepik, edited by Aarushi Agrawal.


Cybersecurity experts in the United States and nations across in Asia and around the world have been studying a trove of documents from iSoon, a state-linked hacking group based in Shanghai.

Experts have said the more than 570 files, images and chat logs posted on GitHub last week are credible, despite little being known so far on who the source of the data was.

iSoon has been described as one of a range of firms that state agencies use to collect data. The documents reveal that Chinese intelligence, military and police often hire private contractors to conduct online intrusions against both foreign governments and companies, plus local targets seen as a threat to national security.


ALSO SEE: AI Chiefs Say Deepfakes a Threat to World, Call For Regulation


The data gives unprecedented insight into China’s hacking campaigns and appears to confirm repeated warnings by FBI director Christopher Wray about the vast scale of Beijing’s hacking operations, as well as its threat to critical infrastructure.

Wray told a security conference in Munich last weekend that China’s hacking efforts were larger than those of “every major nation combined,” according to a New York Times report on Thursday (Feb 22), which said China had built a web of independent companies to boost the cyber operations of its intelligence services.


Information sought from targets in 20 countries

The leaked documents detail contracts and targets in about 20 countries and foreign governments, such as India, Taiwan, South Korea, Hong Kong, Thailand, Malaysia and the United Kingdom.

iSoon gathered a large cache of road-mapping data from Taiwan, which analysts said would be useful in the event of a Chinese invasion, plus immigration data from India, call logs from South Korea’s LG U Plus telecom group.

Indeed, it also targeted telecom firms in Kazakhstan, Mongolia, Nepal, Malaysia, Hong Kong and Taiwan.

Information was also sought on many of China’s neighbours in Southeast Asia. Ten government agencies in Thailand, “including the country’s Foreign Ministry, intelligence agency and Senate” were targeted between 2020 and 2022, according to the Washington Post.

The hackers even sought information from close allies like Cambodia and Pakistan.

Curiously, the data contains files of complaints from workers unhappy about their workload and payment (less than $1,000 a month). That has led to a suspicion that a disgruntled former employee may have posted the files on GitHub, while others have suggested it could be the work of a rival hacking group.

The files also indicate the constant struggle that America’s tech giants such as Microsoft, Apple and Google face from hackers, in China and worldwide.

China is also waging a huge surveillance campaign to monitor social media domestically, as well as trawling and responding to posts on Facebook and X (Twitter) that can be seen worldwide.

One of iSoon’s “products” was a $55,600 package to manipulate or “manage” discussions on X (Twitter).

And all of this comes at a time when Julian Assange, the Australian activist who founded WikiLeaks, the most infamous recipient of hacked data, faces a London court on whether to be extradited to the US.

Assange has become a cause celebre in the UK, Europe and in his homeland. Politicians from all parties in Canberra have appealed to Washington to allow him to return home.


  • Jim Pollard




US Cleared Chinese Hackers From Pacific Computer Systems


Chinese Hackers ‘Spying on Critical US Services, Guam’


China is Using AI to Ramp up Espionage, US Says – WSJ


US, Japan Warn of New China Hacker After ‘60,000 Emails Stolen’


Jim Pollard

Jim Pollard is an Australian journalist based in Thailand since 1999. He worked for News Ltd papers in Sydney, Perth, London and Melbourne before travelling through SE Asia in the late 90s. He was a senior editor at The Nation for 17+ years.


AF China Bond