Intrusion Truth, an online group of anonymous cyber-security analysts, have doxed another cyber-espionage hacking group linked to the Chinese government.
This is the third Chinese cyber-espionage group (also known as an APT, or advanced persistent threat) that Intusion Truth has doxed in as many years.
They previously revealed the secret identities of individuals part of two Chinese hacker groups in May 2017 and August 2018 -- namely APT3 and APT10.
Those revelations resulted in the Department of Justice (DOJ) indicting some of the group's members in November 2017 and December 2018, respectively.
Another year, another Chinese APT dox
Now, Intrusion Truth is back with another series of exposés. Over the past week, the shadowy white-hat group has published details about three individuals it believes are behind APT17.
APT17 is a codename -- together with Deputy Dog and Axiom -- that cyber-security firms have assigned to the group of hackers responsible for a series of similar cyberattacks that have happened in the early 2010s [1, 2, 3, 4, 5], and which have targeted everything from private companies to government agencies, in countries all over the world.
The thing the three have in common is their location in the city of Jinan, the capital of China's Shandong province.
According to Intrusion Truth, these three individuals are some of APT17's members, and they are allegedly operating as contractors for the Jinan bureau of the Chinese Ministry of State Security (MSS), for which they carried out on-demand hacking operations.
In 2017, when Intrusion Truth first made its bold claims that APT3 was a company named Boyusec, a Guangdong contractor for the Chinese Ministry of State Security, the cyber-security world had a hard time believing their claims.
At the time, Recorded Future's report described the MSS internal structure, and how the Chinese government was using a network of local MSS branches in major provinces to hire independent contractors to conduct hacking against foreign companies and government networks.
Taking into account these details, Intrusion Truth's latest exposé that APT17 is run by a local MSS bureau isn't such a shocker as it was back in 2017.
After the APT3 and APT10 exposés, people aren't wondering if Intrusion Truth is right anymore. The question on everyone's lips is if the DOJ will follow through with new indictments, as it did in previous years.
A constant hum from Chinese hackers
But while the cyber-security world waits for new charges, Chinese hackers are continuing their hacking sprees, unabatted by both past DOJ charges or name-and-shame strategies.
Today, newspapers in France and Germany revealed two massive Chinese hacking operations, which, even if not connected to APT17, show China's incredibly vast cyber-espioange aparatus.