Anxun

Anxun Information Technology Co., also known as iSoon, has been identified as a significant threat actor in the realm of cybersecurity. A data leak revealed on February 18, 2024, disclosed the company's strong ties to the Chinese government through various contracts. This leak, which originated from an anonymous source and was posted on Github, exposed Anxun's role as a private industry contractor for the Chinese Ministry of Public Security (MPS). The leaked information confirmed suspicions about China's state-sponsored cyber espionage operations, with Anxun playing a crucial part. The leaked data included various details that shed light on Anxun's deceptive practices and internal issues. Links 0-1 discuss how the company deceived the national security agency, while links 2-10 reveal a series of employee complaints. Furthermore, links 11-13 present information regarding Anxun’s financial problems. These insights show a company dealing with internal strife and unethical practices, even as it engages in activities detrimental to national and international cybersecurity. Moreover, the data leak unveiled Anxun's extensive infiltration into overseas government departments, including those of India, Thailand, Vietnam, South Korea, NATO, and others, as discussed in links 39 to 60. Chat records between Anxun’s top boss Wu Haibo and his second boss Chen Cheng, found in link 14, provided further evidence of the company's illicit activities. It was also revealed that Anxun executives used a combination of late-night parties, alcohol, women, and loyalty to party ideology to woo government officials and secure lucrative contracts. This combination of domestic and international deception highlights Anxun's status as a serious threat actor in global cybersecurity.