- 12,000+ classified documents reveal deep links between Knownsec and Chinese state cyber operations
- The breach involved Remote Access Trojans capable of attacking global operating systems
- Researchers found 95GB of immigration data stolen from India’s national databases
A recent data breach at Chinese security firm Knownsec has exposed over 12,000 classified files linked to state-owned cyber operations.
The leaked materials reportedly include details of “cyber weapons”, internal AI tools and an extensive list of international targets.
The incident has not only exposed technical data, but also shown how deeply embedded a private company can be in national cyber programs.
Leaks reveal China’s goals
Despite swift takedown efforts on GitHub, where some files briefly surfaced, the content has already circulated among researchers and intelligence analysts.
The documents appear to provide a rare look into China’s cyber ecosystem, showing links between Knownsec and various government departments.
The leaked files outline a number of global targets, naming over twenty countries and regions, including Japan, Vietnam, India, Indonesia, Nigeria and the UK.
Among the most troubling revelations are spreadsheets purportedly detailing attacks on 80 foreign targets, including critical infrastructure and telecommunications companies.
Data attributed to these breaches include 95GB of immigration records from India, 3TB of call logs from South Korea’s LG U Plus, and 459GB of transportation data from Taiwan.
Experts examining the files have noted the presence of remote access trojans (RATs) capable of compromising Linux, Windows, macOS, iOS and Android systems.
Android malware found in the files reportedly enables the extraction of information from popular Chinese messaging apps and Telegram.
Additionally, the documents mention hardware hacking devices used by Knownsec.
This includes a sophisticated malicious power bank capable of surreptitiously uploading data to victims’ systems.
The findings suggest that such operations were broader and more organized than previously thought.
Beijing has officially denied the report, with a Foreign Ministry spokesperson stating that it was not aware of any Knownsec breach and reaffirming: “China firmly opposes and fights all forms of cyber attacks in accordance with the law.”
While the statement removes the government from the incident, it stops short of denying links between the state and companies engaged in cyber-intelligence work.
Standard antivirus programs and firewall protection, while necessary, are limited against such advanced infiltration tactics.
Standard antivirus programs and firewall protection, while necessary, are limited against such advanced infiltration tactics.
Cyber experts argue that organizations must adopt a more layered defense approach that combines traditional security measures with real-time monitoring, rigorous network segmentation and careful use of AI tools for threat detection.
Via Mrxn (originally in Chinese)
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
