Particle.news

SentinelLabs Uncovers MSS-Backed Patents Powering Silk Typhoon Espionage

Analysis shows front companies tied to China’s state security bureau patented at least 16 tools used in Silk Typhoon’s espionage operations

Overview

  • SentinelLabs' new research uncovers over a dozen offensive cyber espionage patents filed by front firms including Shanghai Powerock and Shanghai Firetech.
  • The patents describe capabilities ranging from encrypted endpoint data harvesting and Apple device forensics to remote intrusion of routers and smart home devices.
  • In July, U.S. indictments accused Xu Zewei and Zhang Yu of directing the 2021 ProxyLogon Exchange breaches for the MSS and named Shanghai Heiying Information Technology among their corporate fronts.
  • Evidence shows these firms operated under the Shanghai State Security Bureau’s direction, reflecting a tiered structure of state-sponsored hacking contractors.
  • Experts warn that the scope of patented tooling indicates distribution of capabilities across regional MSS offices, complicating attribution as Beijing denies involvement.