Cybersecurity. Photo: VCG

China’s Ministry of State Security (MSS) disclosed a new case on Monday of foreign espionage activities involving the recruitment of a Chinese software developer who provided “technical services.” This spy agency used “poisoned” software to conduct cyberattacks and steal secrets from dozens of China’s defense and high-tech enterprises.

Wang, a Chinese engineer in the network technology service industry, was approached earlier this year by a foreign software developer who invited him to configure "digital signature certificates" and "antivirus software tests" for its dozens of software products, the MSS said in a post published on its official WeChat account on Monday morning. This was supposed to ensure smooth passage through China's cybersecurity certification and testing, with the promise of high remuneration. 

As their relationship deepened, the software developer asked Wang to use specified software and encrypted links for communication, exhibiting contradictory statements and abnormal behavior. 

Wang realized that the developer was not just a regular commercial entity and that providing "technical services" could potentially allow software with security vulnerabilities to bypass China's cybersecurity regulations and enter the Chinese application market. 

Despite knowing the risks, Wang was tempted by financial gain and established a cooperative relationship with the developer, providing "technical services" for dozens of its software products.

Upon investigation, it was revealed that the foreign developer Wang had partnered with was in reality an overseas spy agency. The software Wang serviced was bundled with specialized Trojan virus programs, which, once activated, could infiltrate and control computers, servers, and other network devices to steal documents, materials, and data. 

This spy agency used the "poisoned" software to conduct cyberattacks and steal secrets from dozens of China's defense and high-tech enterprises, according to the MSS. 

After the situation was uncovered, China's national security authorities promptly informed relevant units, legally handled the situation, and prevented significant harm and losses. Wang also paid a price for his wishful thinking and received administrative penalties according to the law.

Network assets and services, such as digital signatures, certificates, security tests, domain names, cloud servers, and emails, can all be exploited by foreign espionage agencies to carry out cyberattacks and theft, the ministry warned. 

It also warned that cyberspace has become a significant conduit for foreign espionage agencies to infiltrate and steal secrets from China, with increasingly active cyber espionage activities, precise and fierce technical attacks, and continuously emerging methods of theft, posing a severe threat to national security.



Global Times