A data leak analysis from a Chinese cybersecurity company TopSec has revealed that it most likely offers censorship-as-a-service solutions to prospective customers, including a state-owned enterprise in the country.
Founded in 1995, the company ostensibly offers services such as Endpoint Detection and Response (EDR) and vulnerability scanning. At the same time, it is also providing "boutique" solutions in order to align with government initiatives and intelligence requirements. This was revealed by SentinelOne researchers Alex Delamotte and Aleksandar Milenkoski in a report.
The data leak contains infrastructure details and work logs from employees, as well as references to web content monitoring services used to enforce censorship for public and private sector customers.
It is believed that the company provided bespoke monitoring services to a state-owned enterprise hit by a corruption scandal, indicating that such platforms are being used to monitor and control public opinion as necessary.
Also present among the data leak is a contract for a "Cloud Monitoring Service Project" announced by the Shanghai Public Security Bureau in September 2024. The project, the document reveals, involves continuous monitoring of websites within the Bureau's jurisdiction with the goal of identifying security issues and content changes, and providing incident alerts.
The cybersecurity firm said the leak was detected after it analyzed a text file that was uploaded to the VirusTotal platform on January 24, 2025. The manner in which the data was leaked remains unclear.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
