Cybernews reports that several documents leaked on GitHub have revealed the Chinese government's utilization of spyware developed by homegrown information security firm I-Soon in its offensive cyber operations.
Numerous devices, including those with Wi-Fi functionality, have been leveraged by attackers using the I-Soon spyware to facilitate the exfiltration of hardware information, media files, contacts, and other sensitive data from Android and iOS devices, according to Taiwanese security researcher Azaka Sekai, who discovered the exposed documents, which were in Mandarin. Attacks with the spyware also enabled the compromise of the Paris Institute of Political Studies and major Indian private hospital network Apollo Hospitals, as well as Kazakhstan-based telecommunications providers Tele2 and Beeline, and numerous government organizations in countries near China. Sekai also noted that the exposed documents detailed earnings from spyware activity. Despite being touted to provide insights into how China operates its cyber operations, the veracity of the leaked files has not yet been confirmed by other security researchers.
Numerous devices, including those with Wi-Fi functionality, have been leveraged by attackers using the I-Soon spyware to facilitate the exfiltration of hardware information, media files, contacts, and other sensitive data from Android and iOS devices, according to Taiwanese security researcher Azaka Sekai, who discovered the exposed documents, which were in Mandarin. Attacks with the spyware also enabled the compromise of the Paris Institute of Political Studies and major Indian private hospital network Apollo Hospitals, as well as Kazakhstan-based telecommunications providers Tele2 and Beeline, and numerous government organizations in countries near China. Sekai also noted that the exposed documents detailed earnings from spyware activity. Despite being touted to provide insights into how China operates its cyber operations, the veracity of the leaked files has not yet been confirmed by other security researchers.
