Chinese Tech Firm Leak Reportedly Exposes State-Linked Cyber Attacks

  • Nov 15, 2025

Key Findings:


  • Major data leak from Chinese security firm Knownsec (aka Chuangyu) in November 2025, with over 12,000 secret files briefly appearing on GitHub.

  • The leak provided rare insight into China's government-backed hacking tools and operations.

  • The data theft may have occurred as early as 2023, but the files were taken down quickly.


Background


  • Knownsec is a prominent player in China's cybersecurity industry, having received a significant investment from Tencent in 2015 and working closely with government offices.

  • The stolen files suggest a private company can be deeply involved in national cyber programs, including helping build "cyber weapons" and maintaining a list of international targets.


Stolen Data and Hacking Tools


  • The leaked data includes an overwhelming amount of information, such as 95GB of Indian immigration records, 3TB of South Korean LG U Plus call logs, and 459GB of Taiwanese transport data.

  • The files reveal various hacking tools, including Remote Access Trojans (RATs) and specialized tools for extracting data from popular messaging apps on Android devices.

  • A malicious power bank that appears harmless was also mentioned, designed to secretly upload data from a victim's device while charging it.


Official Response and Security Lessons


  • The Chinese government, through its Foreign Ministry spokesperson, denied any knowledge of the breach at Knownsec, but did not deny state-associated companies' involvement in cyber intelligence work.

  • Security experts warn that standard antivirus and firewall protection may not be enough anymore, and companies need a stronger, layered defense, combining standard protection with constant network monitoring.


Sources


  • https://hackread.com/chinese-tech-firm-leak-state-linked-hacking/

  • https://www.reddit.com/r/pwnhub/comments/1ox22v9/chinese_tech_firm_leak_exposes_statelinked_cyber/

  • https://www.linkedin.com/posts/lorenzogomezvargas_chinese-tech-firm-leak-reportedly-exposes-activity-7395187807725670400-5rul

© 2025 by Explain IT Again.