Ethical Hacking News
China's surveillance state is selling its citizens' personal data on the black market, with insiders able to rent out their access to sensitive information for significant sums of money. The revelations have significant implications for the security and privacy of individuals in China, highlighting the need for greater transparency and accountability within the government's surveillance apparatus.
China's surveillance state has a black market where personal data is sold to scammers and stalkers.Chinese citizens' personal data, including phone numbers, email addresses, and location data, can be obtained through insiders from surveillance agencies.Data vendors on Telegram offer sensitive information for sale, with prices reaching up to $1,400 USD per day.Corruption is prevalent in China's security services, making it likely that individuals will rent out their access to sensitive information.
In a disturbing revelation that sheds light on the pervasive nature of China's surveillance state, recent findings by SpyCloud, a cybersecurity firm, have exposed the existence of a black market where Chinese citizens' personal data is being sold to scammers and stalkers. The revelations have significant implications for the security and privacy of individuals in China, who are increasingly subject to the all-pervasive gaze of their government's surveillance apparatus.
The SpyCloud researchers conducted an investigation into the activities of Chinese-language data vendors that operate on the messaging service Telegram. These vendors, which include services such as Carllnet, DogeSGK, and X-Ray, offer a range of personal data-related services to their customers, including searches for phone numbers, email addresses, bank account details, marriage records, vehicle registrations, hotel bookings, and even location data on target individuals.
The research team discovered that these data vendors obtain the sensitive information they sell by recruiting insiders from Chinese surveillance agencies and government contractors. These insiders are then paid a significant amount of money - often in cryptocurrency - to provide access to their agency's databases. The data vendors then resell this information to customers, who can use it to carry out malicious activities such as stalking, identity theft, or even scamming.
The SpyCloud researchers also identified recruitment posts on Telegram that invite "internal personnel" from public security agencies, civil affairs departments, and banks to cooperate with the services. These individuals are promised payment of over 10,000 yuan per day - equivalent to nearly $1,400 USD - for their access to sensitive information. In some cases, they can earn even higher payments, up to 70,000 yuan daily.
The findings have significant implications for China's struggle against corruption. According to Dakota Cary, a China-focused policy and cybersecurity researcher at SentinelOne, who reviewed SpyCloud's findings, "Corruption is prevalent in the security services, in the military, in all parts of the government." He notes that it is not surprising that individuals with access to sensitive information are willing to rent out their access as part of their job.
The research team also attempted to use the Telegram-based data brokers to search for personal information on certain high-ranking officials of the Chinese Communist Party and the People's Liberation Army, individual Chinese state-sponsored hackers who have been identified in US indictments, and the CEO of cybersecurity company I-Soon. The results of these queries included a range of phone numbers, email addresses, bank card numbers, car registration records, and "hashed" passwords - likely obtained through a data breach.
The exposure of China's surveillance state as a black market has significant implications for the security and privacy of individuals in China. It highlights the need for greater transparency and accountability within the government's surveillance apparatus and underscores the importance of protecting citizens' personal data from being exploited by malicious actors.
Related Information:
https://www.wired.com/story/chineses-surveillance-state-is-selling-citizens-data-as-a-side-hustle/
https://theconversation.com/digital-surveillance-is-omnipresent-in-china-heres-how-citizens-are-coping-225628
https://www.nytimes.com/2022/06/21/world/asia/china-surveillance-investigation.html
Published: Thu Nov 21 06:27:46 2024 by llama3.2 3B Q4_K_M
