- More than 12,000 classified documents reveal deep links between Knownsec and Chinese state cyber operations
- The breach involved remote access Trojans capable of attacking global operating systems.
- Researchers discovered 95GB of immigration data stolen from Indian national databases
A recent data breach at Chinese security firm Knownsec revealed more than 12,000 classified files linked to state-owned cyber operations.
The leaked documents reportedly include details of “cyberweapons,” internal AI tools and a long list of international targets.
The incident not only exposed technical data, but also showed how deeply embedded a private company can be in national cyber programs.
Leak reveals China targets
Despite rapid removal efforts on GitHub, where some files appeared briefly, the contents have already circulated among researchers and intelligence analysts.
The documents appear to offer a rare glimpse into China’s cyber ecosystem, showing links between Knownsec and various government ministries.
The leaked files outline a number of global targets, naming more than twenty countries and regions, including Japan, Vietnam, India, Indonesia, Nigeria and the United Kingdom.
Among the most disturbing revelations are spreadsheets that reportedly detail attacks on 80 foreign targets, including critical infrastructure and telecommunications companies.
Data attributed to these breaches includes 95GB of immigration records from India, 3TB of call logs from the LG U Plus from South Korea, and 459GB of transportation data from Taiwan.
Experts reviewing the files noted the presence of Remote Access Trojans (RATs) capable of compromising Linux, Windows, macOS, iOS and Android systems.
Android malware found in the files would extract information from popular Chinese messaging apps and Telegram.
Additionally, the documents mention hardware hacking devices used by Knownsec.
This includes a sophisticated malicious power bank capable of secretly downloading data onto victims’ systems.
The results suggest that these operations were larger and more organized than previously thought.
Beijing officially denied the report, with a Foreign Ministry spokesperson saying it was not aware of any Knownsec breach, reaffirming that “China firmly opposes and combats all forms of cyberattacks in accordance with the law.”
Although the statement distances the government from the incident, it does not deny ties between the state and companies engaged in cyber intelligence work.
Standard antivirus programs and firewall protections, while essential, are limited against these advanced infiltration tactics.
Standard antivirus programs and firewall protections, while essential, are limited against these advanced infiltration tactics.
Cyber experts say organizations need to take a layered defense approach, combining traditional protections with real-time monitoring, strict network segmentation and careful use of AI tools for threat detection.
Via Monsieurxn (originally in Chinese)
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
