I-Soon
   HOME

TheInfoList



Click Here for Items Related To - I-Soon
OR:
I-Soon on:   [Wikipedia]   [Google]   [Amazon]

On 16 February 2024, a series of documents from Chinese information company i-Soon () were leaked on
GitHub GitHub () is a Proprietary software, proprietary developer platform that allows developers to create, store, manage, and share their code. It uses Git to provide distributed version control and GitHub itself provides access control, bug trackin ...
. The documents showed that the company emerged with several hacking and cyber espionage activities with the Chinese government. After the leak, the Chinese government's role in cyberwarfare and its connection with private Internet companies became the focus of international attention and media investigation.


Leak and investigation

On 21 February 2024, TeamT5 (), a Taiwanese cybersecurity group, found an unknown link and downloaded it, and found it was a leak from a Chinese information company called "i-Soon". The company served as a contractor to the Ministry of State Security,
Ministry of Public Security Ministry of Public Security can refer to: * Ministry of Justice and Public Security (Brazil) * Ministry of Public Security of Burundi * Ministry of Public Security (Chile) * Ministry of Public Security (China) * Ministry of Public Security of Co ...
, and
People's Liberation Army The People's Liberation Army (PLA) is the military of the Chinese Communist Party (CCP) and the People's Republic of China (PRC). It consists of four Military branch, services—People's Liberation Army Ground Force, Ground Force, People's ...
. The leaked content includes various contracts, internal meeting records, and cyber attack techniques. It also revealed the company's collaboration with the Chinese government and a hacker group "
APT41 Double Dragon is a hacker group with alleged ties to the Chinese Ministry of State Security (MSS). Classified as an advanced persistent threat, the organization was named by the United States Department of Justice in September 2020 in relation to ...
", involvement in cyber espionage, and its internal problems. The leaked documents also indicated that i-Soon hacked into government systems, telecommunications companies, and non-governmental organization websites in Asian and European countries to gain access and steal their data. The main targets included
India India, officially the Republic of India, is a country in South Asia. It is the List of countries and dependencies by area, seventh-largest country by area; the List of countries by population (United Nations), most populous country since ...
,
Hong Kong Hong Kong)., Legally Hong Kong, China in international treaties and organizations. is a special administrative region of China. With 7.5 million residents in a territory, Hong Kong is the fourth most densely populated region in the wor ...
,
Taiwan Taiwan, officially the Republic of China (ROC), is a country in East Asia. The main geography of Taiwan, island of Taiwan, also known as ''Formosa'', lies between the East China Sea, East and South China Seas in the northwestern Pacific Ocea ...
,
South Korea South Korea, officially the Republic of Korea (ROK), is a country in East Asia. It constitutes the southern half of the Korea, Korean Peninsula and borders North Korea along the Korean Demilitarized Zone, with the Yellow Sea to the west and t ...
, and
Malaysia Malaysia is a country in Southeast Asia. Featuring the Tanjung Piai, southernmost point of continental Eurasia, it is a federation, federal constitutional monarchy consisting of States and federal territories of Malaysia, 13 states and thre ...
. Some further reports found that their target were extended to the
United Kingdom The United Kingdom of Great Britain and Northern Ireland, commonly known as the United Kingdom (UK) or Britain, is a country in Northwestern Europe, off the coast of European mainland, the continental mainland. It comprises England, Scotlan ...
, the
Czech Republic The Czech Republic, also known as Czechia, and historically known as Bohemia, is a landlocked country in Central Europe. The country is bordered by Austria to the south, Germany to the west, Poland to the northeast, and Slovakia to the south ...
, the
European Union The European Union (EU) is a supranational union, supranational political union, political and economic union of Member state of the European Union, member states that are Geography of the European Union, located primarily in Europe. The u ...
, and the
United States The United States of America (USA), also known as the United States (U.S.) or America, is a country primarily located in North America. It is a federal republic of 50 U.S. state, states and a federal capital district, Washington, D.C. The 48 ...
. In addition, the documents showed that i-Soon had deceived the Chinese government and their internal issues, including financial problems, product quality, and low wages and treatments against its employees. The
BBC The British Broadcasting Corporation (BBC) is a British public service broadcaster headquartered at Broadcasting House in London, England. Originally established in 1922 as the British Broadcasting Company, it evolved into its current sta ...
and the
NHK , also known by its Romanization of Japanese, romanized initialism NHK, is a Japanese public broadcasting, public broadcaster. It is a statutory corporation funded by viewers' payments of a television licence, television license fee. NHK ope ...
launched their own independent investigation into the documents and concluded that the documents were authentic. The NHK reporters have visited the i-Soon office, only to find it was already empty. The NHK published a documentary of their investigation in September 2024. In the documentary, the NHK found the company had close ties with the Chinese " People's Police". The time when the target was discussed matched the time when the target was attacked. NHK also found that i-Soon had provided a detailed manual for
Twitter Twitter, officially known as X since 2023, is an American microblogging and social networking service. It is one of the world's largest social media platforms and one of the most-visited websites. Users can share short text messages, image ...
to manipulate its public opinion. The documentary used Fukushima radioactive water discharge and 2023 Taiwanese anti-Indian migrant worker protest as examples of how China triggers cognitive warfare by spreading
misinformation Misinformation is incorrect or misleading information. Misinformation and disinformation are not interchangeable terms: misinformation can exist with or without specific malicious intent, whereas disinformation is distinct in that the information ...
. In March 2025, the
United States Attorney's Office United States attorneys are officials of the U.S. Department of Justice who serve as the chief federal law enforcement officers in each of the 94 U.S. federal judicial districts. Each U.S. attorney serves as the United States' chief federal c ...
of the Southern District of New York and the District of Columbia prosecuted several persons involved with i-Soon for their malicious activities. The
United States Department of Commerce The United States Department of Commerce (DOC) is an executive department of the U.S. federal government. It is responsible for gathering data for business and governmental decision making, establishing industrial standards, catalyzing econ ...
sized the company's domain and VPS. The department also issued a sanction against the company.


Reaction

The
Ministry of Foreign Affairs of the People's Republic of China The Ministry of Foreign Affairs of the People's Republic of China is the first-ranked Ministries of the People's Republic of China, executive department of the State Council of China, responsible for the country's Foreign relations of China, f ...
denied the attack, stating that China "opposes and punishes any form of cyber attacks in accordance with the law". ''
Le Monde (; ) is a mass media in France, French daily afternoon list of newspapers in France, newspaper. It is the main publication of Le Monde Group and reported an average print circulation, circulation of 480,000 copies per issue in 2022, including ...
'' doubts the ministry's denial and believes it is not convictable since the evidence is quite clear. Julian Ku, legal scholar of
Hofstra University Hofstra University is a Private university, private research university in Hempstead, New York, United States. It originated in 1935 as an extension of New York University and became an independent college in 1939. Comprising ten schools, includ ...
, said hiring private companies to help with national security and cyberattacks is "inexpensive and effective". Chris Balding, an American economist, said the leak was not surprising, despite being quite noticeable.


See also

*
Chinese information operations and information warfare The People's Republic of China engages in information warfare through the People's Liberation Army (PLA) and other organizations affiliated or controlled by the Chinese Communist Party (CCP). Laid out in the Chinese Defence White Paper of 2008, i ...
*
Cyberwarfare and China Cyberwarfare is the strategic use of computer technology to disrupt the functions of a state or organization, specifically through the deliberate targeting of information systems for military or tactical purposes. In the People's Republic of Chin ...


References


Further reading

* * * * *


External links

* * {{Hacking in the 2020s February 2024 Cyberwarfare by China 2024 in China Data breaches Cyberattacks Internet leaks Chinese information operations and information warfare Hacking in the 2020s Domain name seizures by United States