...

Leaked Files Show the Secret World of China’s Hackers for Hire

Leaked Files Show the Secret World of China’s Hackers for Hire

China has increasingly turned to private companies in campaigns to hack foreign governments and control its domestic population.

The hackers offered a menu of services, at a variety of prices.

A local government in southwest China paid less than $15,000 for access to the private website of traffic police in Vietnam. Software that helped run disinformation campaigns and hack accounts on X cost $100,000. For $278,000 Chinese customers could get a trove of personal information behind social media accounts on platforms like Telegram and Facebook.

The offerings, detailed in leaked documents, were a portion of the hacking tools and data caches sold by a Chinese security firm called I-Soon, one of the hundreds of enterprising companies that support China’s aggressive state-sponsored hacking efforts. The work is part of a campaign to break into the websites of foreign governments and telecommunications firms.

The materials, which were posted to a public website last week, revealed an eight-year effort to target databases and tap communications in South Korea, Taiwan, Hong Kong, Malaysia, India and elsewhere in Asia. The files also showed a campaign to closely monitor the activities of ethnic minorities in China and online gambling companies.

The data included records of apparent correspondence between employees, lists of targets and material showing off cyberattack tools. Three cybersecurity experts interviewed by The New York Times said the documents appeared to be authentic.

Taken together, the files offered a rare look inside the secretive world of China’s state-backed hackers for hire. They illustrated how Chinese law enforcement and its premier spy agency, the Ministry of State Security, have reached beyond their own ranks to tap private-sector talent in a hacking campaign that United States officials say has targeted American companies and government agencies.

“We have every reason to believe this is the authentic data of a contractor supporting global and domestic cyberespionage operations out of China,” said John Hultquist, the chief analyst at Google’s Mandiant Intelligence.

We are having trouble retrieving the article content.

Please enable JavaScript in your browser settings.


Thank you for your patience while we verify access. If you are in Reader mode please exit and log into your Times account, or subscribe for all of The Times.


Thank you for your patience while we verify access.

Already a subscriber? Log in.

Want all of The Times? Subscribe.

Discover more from WIREDGORILLA

Subscribe now to keep reading and get access to the full archive.

Continue reading