Analysis of the Chinese TopSec cybersecurity company’s leak analysis that it probably offers censorship-like services for potential customers, including a state-owned enterprise in the country.
Founded in 1995, Topsec allegedly offers services such as identifying and end -points (EDR) and vulnerability scan. But it also provides a “boutique” solution to coordinate with state initiatives and exploration requirements, Sentinelone researchers Alex Delomot and Alexandar Milenkoski – Note In a report that shared with Hacker News.
Data leak contains details of infrastructure and work magazines from employees, as well as links to web monitoring services used to fulfill censorship for public and private sector customers.
It is believed that the company provided monitoring services for a state -owned enterprise that has suffered from a corruption scandal, which indicates that such platforms are used to control and control public opinion as needed.
Among the data leak is a contract for the Monitoring Service project, announced by the Shanghai Public Security Bureau in September 2024.
The project, as the document shows, provides for constant monitoring of the web -rests within the bureau of jurisdiction in order to identify security and changes in content, as well as providing accidents.
In particular, the platform has been designed to seek the presence of hidden links in the web -content as well as those containing sensitive words related to political criticism, violence or pornography.
While the exact targets are incomprehensible, it is suspected that such notifications can be used by customers for the following actions such as warning release, delete contents, or restriction of access when detecting sensitive words. With this, Shanghai Anheng Smart City Security Technology Technology Co. Won the contract, according to public documents analyzed by Sentinelone.
Cybersecurity firm said the leak was detected after analyzing the text file that was downloaded to the viral platform on January 24, 2025. The warehouses that the data were shut up remains unclear.
‘The main file we have analyzed.
“In addition to working magazines, the leak contains many commands and books used to manage TopSec services using several common Devops and infrastructure technologies used worldwide, including Ansible, Docker, Elasticalch, Gitlab, Kafka, Kibana, Kibana, Kibana, Kibana, Kibana, Kibana, Kibana Kubernetes and Redis. “
Also found links to another basis with the name Sparta (or Sparda), which is allegedly designed to process sensitive words by obtaining the content from the web -application down by API Graphql, which once again assumes the monitoring of keyword censorship.
“These leaks give an idea of a complex ecosystem of relations between state structures and cybersecurity companies in China’s private sector,” the researchers said.
“While in many countries there is a significant intersection between the requirements of the government and the cybersecurity firms of the private sector, the connections between these organizations in China are much deeper and are an understanding of the state in the management of public opinion through online recovery.”
