Latest news with #I-Soon


NBC News
06-03-2025
- Politics
- NBC News
U.S. charges Chinese hackers and government officials in broad cybercrime campaign
WASHINGTON — Twelve Chinese nationals — including mercenary hackers, law enforcement officers and employees of a private hacking company — have been charged in connection with global cybercrime campaigns targeting dissidents, news organizations, U.S. agencies and universities, the Justice Department said Wednesday. A set of criminal cases filed in New York and Washington add new detail to what U.S. officials say is a booming hacking-for-hire ecosystem in China, in which private companies and contractors are paid by the Chinese government to target victims of particular interest to Beijing in an arrangement meant to provide Chinese state security forces cover and deniability. The indictments come as the U.S. government has warned of an increasingly sophisticated cyber threat from China, such as a hack last year of telecom firms called Salt Typhoon that gave Beijing access to private texts and phone conversations of an unknown number of Americans, including U.S. government officials and prominent public figures. One indictment charges eight leaders and employees of a private hacking company known as I-Soon with conducting a sweeping array of computer breaches around the world meant to suppress speech, locate dissidents and steal data from victims. Among those charged is Wu Haibo, who founded I-Soon in Shanghai in 2010 and was a member of China's first hacktivist group, Green Army, and who is accused in the indictment of overseeing and directing hacking operations. Earlier reporting by The Associated Press on leaked documents from I-Soon mainly showed I-Soon was targeting a wide range of governments such as India, Taiwan or Mongolia, but little on the United States. But the indictment contains new revelations about I-Soon's activities targeting a wide range of Chinese dissidents, religious organizations and media outlets based in the U.S., including a newspaper identified as publishing news related to China and opposed to the Chinese Communist Party. 
Other targets included individual critics of China living in the U.S., the Defense Intelligence Agency and a research university. The intended targets were in some cases directed by China's Ministry of Public Security — two law enforcement officers were charged with tasking certain assignments — but in other instances the hackers acted at their own initiative and tried to sell the stolen information to the government afterward, the indictment says. The company charged the Chinese government the equivalent of between approximately $10,000 and $75,000 for each email inbox it successfully hacked, officials said. Phone numbers listed for I-Soon on a Chinese corporate registry rang unanswered, and I-Soon representatives did not immediately respond to an AP email requesting comment. A spokesperson for the Chinese Embassy in Washington, Liu Pengyu, suggested Wednesday that the allegations were a 'smear' and said, 'We hope that relevant parties will adopt a professional and responsible attitude and base their characterization of cyber incidents on sufficient evidence rather than groundless speculation and accusations.' A separate indictment charges two other Chinese hackers, identified as Yin Kecheng and Zhou Shuai, in a for-profit hacking campaign that targeted victims including U.S. technology companies, think tanks, defense contractors and health care systems. Among the targets was the U.S. Treasury Department, which disclosed a breach by Chinese actors late last year in what it called a 'major cybersecurity incident.' The Treasury Department announced sanctions Wednesday in connection with the hacking, and the State Department announced multimillion-dollar rewards for information about the defendants. I-Soon is part of a sprawling industry in China, documented in an AP investigation last year, of private hacking contractors that steal data from other countries to sell to the Chinese authorities. 
Over the past two decades, Chinese state security's demand for overseas intelligence has soared, giving rise to a vast network of these private hackers-for-hire companies that have infiltrated hundreds of systems outside China. China's hacking industry rose in the early days of the internet, when Wu and other Chinese hackers declared themselves 'red hackers' — patriots who offered their services to the Chinese Communist Party, in contrast to the anti-establishment ethos popular among many coders. The indictment 'proved the close ties and interaction among China's first generation patriotic hackers,' said Mei Danowski, a cybersecurity analyst who wrote about I-Soon on her blog, Natto Thoughts. They 'all turned to entrepreneurs now — doing businesses with the governments and making profits through other means.' Since I-Soon documents were leaked online last year, the company has been suffering but is still in operation, according to Chinese corporate records. They've downsized and moved offices. 'Apparently i-SOON companies have been struggling to survive,' Danowski wrote on her blog. 'To Chinese state agencies, a company like i-SOON is disposable.'


Axios
05-03-2025
- Politics
- Axios
U.S. indicts Chinese hackers in sweeping cyber espionage case
Federal authorities charged 10 individuals and two Chinese government officials on Wednesday in connection with several high-profile Beijing-backed intrusions. Why it matters: The U.S. alleges that these individuals helped carry out a wide-reaching Chinese espionage campaign that targeted U.S. government agencies, state governments, news services, universities, defense contractors, law firms, and critical infrastructure. Catch up quick: The people either worked for Silk Typhoon — the Chinese hacking team linked to last year's Treasury breach — or for I-Soon, an offensive "hacker-for-hire" contractor that was exposed in an extensive online document leak last year. The leaked documents, which were publicly available on GitHub, detailed I-Soon's clients and targets. The big picture: The indictment offers one of the clearest insights yet into the shadowy world of offensive cyber contracting — a common practice among the world's superpowers. The Justice Department also seized the web infrastructure that both the Silk Typhoon and I-Soon hackers used in their attacks. A spokesperson for the Chinese embassy did not immediately respond to a request for comment. Zoom in: According to one indictment, I-Soon hacked a range of U.S. victims, including: The Defense Intelligence Agency, the Department of Commerce and the International Trade Administration; Two New York City-based newspapers, including one that publishes news related to China and is opposed to the Chinese Communist Party; A massive religious organization with millions of members; The New York State Assembly and a state research university; A D.C.-based news service that "delivers uncensored domestic news to audiences in Asian countries, including China;" and Several foreign ministries across southeast Asia.
Meanwhile, according to a second indictment, the two hackers linked to Silk Typhoon targeted: U.S. technology and defense contractors working with the Pentagon and intelligence agencies; A university-based academic health system with servers in California; A major law firm with hundreds of attorneys specializing in corporate and intellectual property; A municipal government in the U.S.; and A D.C. think tank specializing in defense policy and a law firm that works on IP theft issues. Between the lines: The indictment reveals new details about how I-Soon worked with Beijing, including how much it charged, how long it worked on these efforts and more. I-Soon is believed to have worked with at least 43 different bureaus of China's Ministry of State Security and Ministry of Public Security across 31 different provinces and municipalities, according to the FBI. The company also charged the agencies between $10,000 and $75,000 for each email inbox it successfully hacked, according to the indictment. Sometimes I-Soon worked at the direction of the agencies and other times it would conduct its own hacks and then sell either the network access or data stolen from those targets to the Chinese government. The intrigue: I-Soon would train Chinese government employees to hack on their own, and it sold various tools to help them carry out their attacks. One of those products gave customers the ability to write phishing emails, create malware-laced files and clone websites, according to the U.S. Justice Department. Reality check: China is unlikely to extradite the indicted individuals, but the charges do bar them from traveling to the United States or allied countries where they could be arrested. Go deeper: Leaked documents detail inner-workings of China's vast hacking operations


The Hill
05-03-2025
- Business
- The Hill
US charges Chinese hackers, government officials in broad cyberespionage campaign
WASHINGTON (AP) — Eight leaders or members of a Chinese hacking company have been charged alongside two Chinese law enforcement officers in a global cyberespionage campaign that targeted dissidents, news organizations and U.S. agencies, the Justice Department announced Wednesday. A set of criminal cases adds new detail to what U.S. officials say is a hacking-for-hire ecosystem in China, in which private companies and contractors are paid by the Chinese government to target victims of particular interest to Beijing. One indictment charges officials with a private hacking company known as I-Soon, whose officials conducted a sweeping array of breaches around the world as part of what U.S. officials say was a broad intelligence-gathering operation. The targets were in some cases directed by China's Ministry of Public Security — two law enforcement officers were also charged — but in other instances the hackers acted at their own initiative and tried to sell the stolen information to the government afterward, the indictment says. The company charged the government the equivalent of between approximately $10,000 and $75,000 for each email inbox it successfully hacked, officials said. Among the targets of the hacking was the U.S. Treasury Department, which disclosed a breach by Chinese actors late last year in what it called a 'major cybersecurity incident.' Phone numbers listed for I-Soon on a Chinese corporate registry rang unanswered, and I-Soon representatives did not immediately respond to an AP email requesting comment. A spokesperson for the Chinese Embassy in Washington suggested that the allegations were a 'smear' and said, 'We hope that relevant parties will adopt a professional and responsible attitude and base their characterization of cyber incidents on sufficient evidence rather than groundless speculation and accusations.'
A separate indictment charges two other Chinese hackers in a for-profit hacking campaign that targeted victims including U.S. technology companies, think tanks, defense contractors and health care systems. I-Soon is part of a sprawling industry in China, documented in an Associated Press investigation last year, of private hacking contractors, companies that steal data from other countries to sell to the Chinese authorities. Over the past two decades, Chinese state security's demand for overseas intelligence has soared, giving rise to a vast network of these private hackers-for-hire companies that have infiltrated hundreds of systems outside China.


Boston Globe
05-03-2025
- Business
- Boston Globe
US charges Chinese hackers, government officials in broad cyberespionage campaign
I-Soon is part of a sprawling industry in China, documented in an Associated Press investigation last year, of private hacking contractors, companies that steal data from other countries to sell to the Chinese authorities. Over the past two decades, Chinese state security's demand for overseas intelligence has soared, giving rise to a vast network of these private hackers-for-hire companies that have infiltrated hundreds of systems outside China.


Yahoo
05-03-2025
- Yahoo
US charges Chinese hackers, government officials in broad cyberespionage campaign
WASHINGTON (AP) — Ten Chinese hackers have been charged alongside two Chinese law enforcement officers in a global hacking campaign that targeted dissidents, news organizations and U.S. agencies, the Justice Department announced Wednesday. The hacking by workers of I-Soon was done in some cases at the direction of China's Ministry of Public Security, which received the stolen information and selected targets for the intrusions as part of what U.S. officials say was a massive intelligence-gathering operation. Among the targets of the hacking was the U.S. Treasury Department, which disclosed a breach by Chinese actors late last year. I-Soon is part of a sprawling industry in China, documented in an Associated Press investigation last year, of private hacking contractors, companies that steal data from other countries to sell to the Chinese authorities. Over the past two decades, Chinese state security's demand for overseas intelligence has soared, giving rise to a vast network of these private hackers-for-hire companies that have infiltrated hundreds of systems outside China.