Blog on Chinese cyber operations, online surveillance, always on the hunt for leaked documents : https://t.co/AwtprnaSoG | https://t.co/eVXinXn7NL
Feb 7 10 tweets 6 min read
In June 2025 we found a complete tender for a "cyberspace security training platform" issued by the Police Training college in Xinjiang, China. The document is rather detailed about the requirements, services, size and technical aspects and capabilities of this project. Setup timeframe was about 3 months, value 530k U$. Let's dive in via this long thread, which will be >PART 1< ... 1/10
Starting with the institution: the Xinjiang Police Academy is the main undergraduate training and education facility for the Ministry of Public Security in the region and has quietly become a powerhouse in the CN hackathon ecosystem as the following wins confirm:
* 2025 Pangu Stone Cup by Qi'anxin: 3rd place
* 2023 Pangu Stone Cup by Qi'anxin: 1st place
* 2022 “Blue Hat” Cup: 2nd prize
* 2021 National College Student Cyber Security Elite Competition: silver medal
They are also running their own CTF competition, called "Yijing Cup CTF Competition". 2/10
Feb 2 11 tweets 6 min read
In 2024 we traveled to the Chinese city of Chengdu to follow the trails of three APT groups: I-Soon, No Sugar Tech, Chengdu404 and Sichuan Silence. In this thread we will do some site visits, getting "thrown out" and talking to a former member of top management, all the while we are trailed by security. 1/10
Let's start with I-Soon: Gaining fame during a rather juicy leak of internal chats in 2024, that presented proof of their involvement in cyber attacks and information theft on behalf of regional Public Security Bureaus. After the story broke, the company got closed down and they abandoned their office. 2/10
Jan 5 9 tweets 4 min read
We got our hands on a Chinese DLP program the government and national security agencies use to monitor state employees' computers for leakage and usage of confidential documents. Meet 保密管理系统. 1/9
Designed mainly for WinXP and Win7, it lodges itself rather deep inside the system to have full file system access, controls hardware/USB devices, dynamic content analysis and enumeration, provides network traffic proxies and enables remote control and granular file behavior. 2/9