Breaking: KnownSec - Databreach
One of China's most prolific developers of digital forensic tools for the Chinese security services, and a provider of "cyber weapons", might have suffered a major data leak.
HERE IS A SLIGHTLY LONGER, MORE COMPREHENSIVE PIECE ON THE DATA LEAK:
This morning, reports surfaced on Chinese Twitter accounts about a major data breach at the well-known Chinese cybersecurity company KnownSec (创宇的).
Apparently an insider has extracted a sizeable number of internal documents (12,000 is the claim) covering the company's internal business relations, staffing information and technical aspects of its offensive cyber product line, as the blogger Mrxn revealed.
The data is apparently from 2023. So far we have only seen a few screenshots of two PDF files that are apparently product brochures. They are claimed to have been made public, but so far we could not get our hands on them.
There is also a PDF that holds information about a "Key target library", a listing of external servers of foreign institutions and governments, including India and a more extensive listing on Taiwanese infrastructure. More countries are listed as well, such as the United States, Australia, the UK, Thailand, Malaysia, Canada, New Zealand, the Philippines, Pakistan and many more. What exactly they have on each country is not clear so far.
At this stage it is not clear whether this is just compiled recon data for "target practice" or whether these are actively exploitable options. Either way, these are good indicators that KnownSec is actively involved in offensive operations from the Chinese side.
Their client list also seems to be equally impressive and shows a lot of ties to the CN PLA and other state institutions:
Apparently the whole dataset was uploaded to GitHub but was taken down shortly after for violating the platform's rules.
We will keep an eye on it and hope we can reveal more soon.
If you have anything to share concerning this story, please reach out via deaddrop.netaskari.online.








Man, asymmetric effects are insane in this realm. This is so much power that a small number of actors can wield when they reach into the infrastructure, communications, and personal data of millions of people.
At the same time, it reveals how fragile even “strong” systems are: a single insider or small group can suddenly flip the visibility, turning secret tools and target lists into a “gold mine” for everyone else to examine. Which… scares me more.
Wow! This is huge.