Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
NetAskari Profile picture
NetAskari
@NetAskari
Blog on Chinese cyber operations, online surveillance, always on the hunt for leaked documents : https://t.co/AwtprnaSoG | https://t.co/eVXinXn7NL
Feb 15 7 tweets 4 min read
After having a run through some of the sample files, here is what we know so far from the massive data leak that seems to be on sale ( or has ben already sold ) on Breach Forums. We did not have access to the full list of all the files ( would love to, but not cashing out 10 XMR ). 1/7Image The data seems to be truly taken from the NSCC, the National Super Computer Centre in Tianjin. This is a government owned datacenter, designed to let SOE's and universities run complex data simulations, virtual test systems, scientific computation models etc. 2/7 Image
Image
Feb 7 10 tweets 6 min read
In June 2025 we found complete tender for a "cyberspace security training platform" issued by the Police Training college in Xinjiang, China.
The document is rather detailed about the requirements, services, size and technical aspects and capabilities of this project. Setup timeframe
was about 3 months, value 530k U$. Lets dive in via this long thread will be >PART 1< ... 1/10Image
Image Starting with the institution: the Xinjiang Police Academy is the main undergraduate training and education facility for the Ministry of Public Security
in the region and has quietly become a powerhouse in the CN hackathon ecosystem as the following wins confirm:
* 2025 Pangu Stone Cup by Qi’anxin: 3rd place
* 2023 Pangu Stone Cup by Qi'anxin: 1st place
* 2022 “Blue Hat” Cup: 2nd prize
* 2021 National College Student Cyber Security Elite Competition: silver medal
They are also running their own CTF competition, called "Yijing Cup CTF Competition". 2/10Image
Feb 2 11 tweets 6 min read
In 2024 we traveled to the Chinese city of Chengdu to find follow the trails of three APT groups: I-Soon, No Sugar Tech, Chengdu404 and Sichuan Silence. In this thread we will do some site visits, getting "thrown out" and talking to a former member of top management, all the while we are trailed by security. 1/10Image Let's start with I-Soon: Gaining fame during a rather juicy leak of internal chats in 2024, that presented proof of their involvement in cyber attacks and information theft on behalf of regional Public Security Bureaus. After the story broke, the company got closed down and they abandoned their office. 2/10Image
Image
Jan 5 9 tweets 4 min read
We got our hand on a Chinese DLP program the government and national security agencies use to monitor state employees computers for leakage and usage of confidential documents. Meet 保密管理系统. 1/9 Image Designed mainly for WinXP and Win7, it lodges itself rather deep inside the system to have full file system access, controls hardware/USB devices, dynamic content analysis and enumeration, provides network traffic proxies and enables remote control and granular file behavior. 2/9 Image