14 comments

[ 3.7 ms ] story [ 40.7 ms ] thread
Actual repo here: https://github.com/I-S00N but the Twitter thread had a lot of relevant details about its contents.

Documents claim the company has infiltrated the overseas governments of India, Thailand, Vietnam, and South Korea, as well as some NATO systems.

They describe a wide range of malware tools, including custom RATs for all major operating systems, tools for unmasking social media users, DDoS systems, a Tor-like device for agents working overseas, and dedicated hardware disguised as powerstrips or external batteries that can be used to compromise Wifi networks.

Please submit the original source, the Twitter discussion is of little use for those who are not Twitter users, and I guess linking to the original source would lead to a better discussion anyway.
The original source is just their company-internal chat logs, guess someone popped their WeChat for Business. It's too much to quickly pick out the important bits among all the socializing, so there likely won't be much of a discussion without someone providing a summary.

Of course putting the summary on Twitter is not much better.

If you want a more open platform, one of the posters is breaking down and translating all the info here: https://infosec.exchange/@still
Quotable dot points:

* ""All-in-one combat platform" product whitepaper - dated 2022. Appears to be a large internal network for assigning and performing red teaming tasks."

* "what do you mean they stole 3D models of the entire Taiwan and what do you mean it's 459GB"

* "no fucking way you can grade each mission's like an assignment"

* "Microsoft email secrets platform - dated 2022. Basically designed to exfiltrate data or attack Outlook/Exchange. The attacker can use it to create phishing emails."

We forgot about Kazakhstan, idnet.Txt is the provider of Kazakhstan
IDnet.Txt on the root of repo. Login and pass it is pass from telecom. Kz
(comment deleted)
seemingly look like some whistle blower complaining about Anxun's swindling Chinese tax payer with inferior product etc.. don't really see anything of substance in terms of actual data/tools mentioned etc cute but nothing that isn't public knowledge; at least in terms of attack vector..
I am surprised no one has created a torrent yet.