Geek, Tech, Web

Intruding on the Truth: China’s Security Ministry and APT17

When people hear the terms “cyber-espionage” or “hacker”, they assume someone in a pullover hoodie, locked in his room, writing a bunch of script in a command prompt, all so they can access someone’s bank account.  However, there are hackers who decide to take the law into their own hands for the good of the people.

One such group is Intrusion Truth, a hacking group dedicated to exposing the cyber-espionage that the Chinese government is guilty of.

The First Sighting 


Intrusion Truth introduced themselves to the media in their self-titled blog with posts that analyzed APT3, an “advanced persistent threat” run by three private citizens under the Chinese security company, Boyusec.

APT3 was responsible for stealing confidential information from Western companies, and Intrusion Truth showed a disdain for this, or any type of, theft.  Actually, this crime is the main target of Intrusion Truth.

After their posts and analysis into Boyusec and the three citizens behind it, Boyusec shut down without so much as a whimper, leaving Intrusion Truth victorious.  APT3 was over. However, Intrusion Truth was far from done.

Keeping the Steam

US indicts Chinese hackers for corporate espionage

The deep dive into APT3 happened over the course of 2 months, April to May, in 2017.  It was only a year later that Intrusion Truth made a mainstream comeback with their analysis into APT10.

However, this analysis revealed that the Tianjin branch of the Chinese Ministry of State Security was behind the cyber-espionage attacks of APT10. Not only that, but Intrusion Truth was able to identify multiple individuals in the case.

APT10 was presented as one of the biggest cyber-espionage attacks of Western history, targeting the clients and servers of managed I.T. service providers.

Intrusion Truth’s work, along with companion FireEye, helped expose the Chinese government’s illegal actions to the world, but the world remained quiet.  Despite the government of one country purposefully stealing information from another, the attack barely made headline news.

But Intrusion Truth isn’t in this for the fame or glory, they’re in it to keep the Chinese government on their toes, and they’re in the process of doing this once again with their new posts on APT17.

Sinking Their Teeth

Intrusion Truth has made headlines again with their new exposé on the Jinan branch of the Chinese Security Ministry, who is now-known to be the party behind APT17.

While they claim that the CSM being behind the attack shouldn’t be surprising, it’s still a terrifying prospect of what the Chinese government has gotten away with that we don’t know about, yet anyways.

Two of the individuals that Intrusion Truth exposed work directly with the Jinan branch, while the other one lives in the city of Jinan only.

According to them and FireEye, a report like this shouldn’t be surprising to any cyber security specialist.  As the years have passed, China has been culminating a bigger and bigger list of attacks on Western nations, including the theft of confidential information I mentioned earlier.

Fighting the Law


The work of Intrusion Truth represents more than a few citizens who want to better their country.  Intrusion Truth represents the new need of citizens having to take the law into their own hands. 

Now, I’m not saying you should undergo vigilantism, but there is a dire need for expert hackers to become a vigilante.  We’ve hit a point in our world where governments take action without the transparency that the people demand, where cyber-war is becoming the new norm.

All of this happening while us citizens can only use some VPN software for privacy protection and call our government officials, the latter probably doing less than nothing.  There is a place in society for the people who do more.  

Intrusion Truth is only one group of the many who are cropping up.  There is a global need for cyberheroes to fight the cybercriminals. Will it be enough is the true question.

You Might Also Like