People come and go from the large, grey complex, with one tall building towering over a garden facing a road in Tianjin, China. According to alleged Uber receipts and other information posted on a mysterious blog called Intrusion Truth, at least one person traveling to this address is a member of APT10, a Chinese hacking unit that has targeted manufacturing, aerospace, and engineering firms to steal trade secrets, including from the United States.
Intrusion Truth, with its controversial approach to unmasking government-backed hackers, acts as a sort of retribution against state-sponsored cyber-espionage.
China has hacked its way to other nations' manufacturing secrets for years, ransacking military fighter jet schematics and information on solar power, among other industrial treasures. This near-constant barrage eventually pushed former President Obama into brokering a deal with Chinese President Xi. In 2015, the two countries reached an agreement to stop hacking focused on the theft of intellectual property. Thanks to that agreement, cybersecurity researchers saw Chinese cyber-espionage decrease dramatically. This year, however, Chinese hackers stole sensitive data from a Navy contractor.
This is the sort of wide-ranging industrial espionage that Intrusion Truth is particularly motivated to counter.
This theft damages hard-working individuals, their companies, and entire economies through lost revenue and completely unfair competition. Until recently, China has been winning: it has acted with impunity, stealing data using commercial hackers that it pays and tasks.
Intrusion Truth first published snippets on APTs (advanced persistent threats, essentially industry parlance for government-backed hackers) last year. The group is also focused on APT3, another Chinese group.
Intrusion Truth revealed that APT3 was in fact 'Boyusec,' a software company acting on behalf of China's Ministry of State Security (MSS) intelligence service.
After multiple APT3 members were arrested, Intrusion Truth shifted its focus to APT10, which cybersecurity researchers describe as another top-tier Chinese cyber-espionage group.
Multiple cybersecurity researchers have linked APT10 to hacks against victims in the US, UK, India, and elsewhere, including a mining company, IT service providers, and manufacturing firms. APT10 has a habit of targeting Managed Service Providers (MSPs)—companies that remotely provide tech products to clients—and then using that privileged access to infiltrate their ultimate targets.
So far, Intrusion Truth has published the names of three alleged APT10 hackers.
Cybersecurity companies publishing reports on government hacking groups may provide the real names of hackers to their clients, but usually don’t release them publicly.
Only time will tell whether naming individual operators will affect recruiting and retention for those missions. A group of self-described hackers called The Shadow Brokers, which released a slew of powerful NSA exploits, previously called out multiple government hackers specifically for their work with the NSA.
For now, it is not clear who is behind the Intrusion Truth hacker group that targets government groups.
We will continue to monitor this cyber war. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or an antivirus for Mac on every device that you own, depending on which OS your machine is running. If you are a company, we recommend hiring a specialized cybersecurity company every year to run annual tests on your company's network. These tests include penetration testing and ethical hacking.