The document has now been removed from GitHub, where it was originally posted, but the identity and motives of the person who leaked it remain a mystery. But according to the Associated Press, Zhang said the document appears to be authentic, a fact confirmed by two i-Soon employees, and that the company and Chinese police are investigating the leak. It was reported that they were doing so.
“There are about eight categories of leaked files. They detail how i-Soon interacted with Chinese national security authorities, as well as i-Soon's products and financial issues,” Chan said. “More importantly, we discovered documents detailing how i-Soon supported the development of the infamous remote access trojan (RAT) ShadowPad,” he added. I did. ShadowPad malware has been used by Chinese hacker groups since at least 2017.
Since the file was first made public, security researchers have been scrutinizing its contents and analyzing the documents. According to the report, these included references to software running disinformation campaigns about X, details of efforts to access communications data across Asia, and targets within governments such as the UK and India. That's what it means. new york times And that washington post. The documents also reveal how i-Soon worked for China's Ministry of State Security and People's Liberation Army.
According to SentinelOne researchers, the file also includes photos of “custom hardware snooping devices” such as power banks that could be useful in stealing data and company marketing materials. “The company boasted about its past counterterrorism efforts in order to get jobs in Xinjiang, where China has destroyed millions of Ugyufur people in what the United Nations Human Rights Council calls a genocide,” the researchers wrote. “The company has listed other terrorism-related targets it has previously hacked, including targeting counter-terrorism centers in Pakistan and Afghanistan, as evidence of its ability to carry out these missions.”
The Federal Trade Commission has fined antivirus company Avast $16.50 for collecting and selling people's web browsing data through browser extensions and security software. This includes details about web searches and sites people visit, and according to the FTC, people's “religious beliefs, health concerns, political leanings, location, economic status, and exposure to children's content.” visits, and other confidential information.” In the order announcing the fine, the FTC said the company sold the data through its Jumpshot subsidiary.
This ban also imposes five obligations on Avast. Do not sell or license browsing data for advertising purposes. Obtain consent when selling data from products other than Avast. Delete the information and algorithms created from the data transferred to Jumpshot. Tell your customers about the data you sold. and introducing new privacy programs to address issues identified by the FTC. An Avast spokesperson said that while the company “disagrees with the FTC's characterization of the allegations and facts,” it is “pleased to be able to resolve this matter.”
Haotian Sun and Pengfei Xue, two Chinese nationals living in Maryland, were found guilty of mail fraud and mail fraud conspiracy in a scheme to send 5,000 counterfeit iPhones to Apple. The pair, who could each face up to 20 years in prison, wanted Apple to send them real phones in exchange, according to The Register. The fake phone had a “spoofed serial number and his IMEI number” to trick Apple stores and authorized service providers into thinking it was real. The scam occurred between May 2017 and September 2019 and may have cost Apple more than $3 million, according to a press release from the U.S. Department of Justice.
Security researchers in the United States and China have created a new side-channel attack that can reconstruct people's fingerprints from the sounds made when they swipe their phone's screen. The researchers used the device's built-in microphone to capture the “faint fricative sounds” made by the fingers, and used these sounds to create a fingerprint. “PrintListener attack scenarios are widespread and covert,” the researchers wrote in a paper detailing their work. “Within five attempts, up to 27.9 percent of partial fingerprints and 9.3 percent of complete fingerprints can be attacked.” And that's raising concerns about real-world hackers.
