- More than 12,000 classified documents reveal deep links between Knownsec and Chinese state cyber operations.
- The breach involved remote access Trojans capable of attacking global operating systems.
- Investigators found 95GB of immigration data stolen from India’s national databases.
A recent data breach at Chinese security firm Knownsec has revealed more than 12,000 classified files linked to state-owned cyber operations.
The leaked materials reportedly include details about “cyber weapons,” internal artificial intelligence tools, and an extensive list of international targets.
The incident has not only exposed technical data but has also demonstrated the extent to which a private company can be integrated into national cyber programs.
Leak reveals China’s objectives
Despite rapid takedown efforts on GitHub, where some files briefly appeared, the content has already circulated among researchers and intelligence analysts.
The documents appear to offer a rare look into China’s cyber ecosystem, showing links between Knownsec and various government departments.
The leaked files outline a number of global targets, naming more than twenty countries and regions, including Japan, Vietnam, India, Indonesia, Nigeria and the United Kingdom.
Among the most troubling revelations are spreadsheets purportedly detailing attacks on 80 foreign targets, including telecommunications and critical infrastructure companies.
The data attributed to these breaches includes 95 GB of immigration records from India, 3 TB of LG U Plus call logs from South Korea, and 459 GB of transportation data from Taiwan.
Experts who examined the files noted the presence of Remote Access Trojans (RATs) capable of compromising Linux, Windows, macOS, iOS and Android systems.
The Android malware found in the files allegedly allows the extraction of information from popular Chinese messaging apps and Telegram.
Additionally, the documents mention hardware hacking devices used by Knownsec.
This includes a sophisticated malicious power bank capable of secretly uploading data to victims’ systems.
The findings suggest that such operations were more extensive and organized than previously assumed.
Beijing has officially denied the report, with a Foreign Ministry spokesperson stating it was not aware of any Knownsec breach and reaffirming: “China firmly opposes and combats all forms of cyber attacks in accordance with the law.”
Although the statement distances the government from the incident, it does not go so far as to deny the links between the state and companies dedicated to cyber intelligence work.
Standard antivirus programs and firewall protections, while essential, are limited against such advanced infiltration tactics.
Cyber experts argue that organizations must adopt a more layered defense approach, combining traditional safeguards with real-time monitoring, strict network segmentation and the careful use of artificial intelligence tools for threat detection.
Via mrxn (originally in Chinese)




