Particle.news

SentinelLabs Uncovers MSS-Backed Patents Powering Silk Typhoon Espionage

Analysis shows front companies tied to China’s state security bureau patented at least 16 tools used in Silk Typhoon’s espionage operations

Overview

  • SentinelLabs' new research uncovers over a dozen offensive cyber espionage patents filed by front firms including Shanghai Powerock and Shanghai Firetech.
  • The patents describe capabilities ranging from encrypted endpoint data harvesting and Apple device forensics to remote intrusion of routers and smart home devices.
  • In July, U.S. indictments accused Xu Zewei and Zhang Yu of directing the 2021 ProxyLogon Exchange breaches for the MSS and named Shanghai Heiying Information Technology among their corporate fronts.
  • Evidence shows these firms operated under the Shanghai State Security Bureau’s direction, reflecting a tiered structure of state-sponsored hacking contractors.
  • Experts warn that the scope of patented tooling indicates distribution of capabilities across regional MSS offices, complicating attribution as Beijing denies involvement.