Intrusion Truth: the group of anonymous researchers fighting Chinese cybercriminals

For a few years now, Intrusion Truth, a team of so-called researchers, has specialized in revealing many of the biggest secrets of hacking communities, gaining some relevance among those who follow these issues. After a period of relative inactivity, this April 30, Intrusion Truth’s Twitter account started a countdown promising that “something new” would be revealed after five days.

As some users may know, Intrusion Truth is a group of self-styled analysts that emerged in 2017 and is made up of alleged anonymous security researchers. Since its inception, this group has revealed all kinds of previously unknown information, such as the identities of alleged hackers sponsored by the Chinese government.

Over nearly 4 years, Intrusion Truth has published dozens of highly detailed reports with a wealth of information on the most advanced hacking groups, many of them associated with Chinese intelligence agencies. Multiple intelligence agencies and cybersecurity firms have analyzed the reports published by this group, concluding that these are legitimate leaks.

A couple of years ago, an alleged member stated that the group's main objective was to carry out counter-espionage work in the West in response to China’s growing cyberwar campaigns: “This espionage causes intellectual property theft, which is detrimental to companies in the West, employees and economies internationally.”

China’s government has repeatedly been accused of stealing trade secrets from various companies in the U.S., as well as stealing confidential information from the American military: “China turns to malicious hackers to do their dirty work, allowing them to distance themselves from any investigation if hackers are caught,” the anonymous expert said.

Experts also emphasize that Intrusion Truth often focuses its efforts on leaking information related to groups identified as Advanced Persistent Threats (APT). One of the group's first leaks was related to APT3, a cybercriminal group also identified as Gothic Panda, Buckeye or UPS Team.

At the time, Intrusion Truth claimed that a software company called Boyusec was behind this APT group. In addition, Intrusion Truth openly pointed to Chinese citizens Wu Yingzhuo and Dong Hao as the main operators of Boyusec’s attacks.

Since then, Intrusion Truth has published the names of multiple Chinese hacking groups, their members and a list of alleged attack targets, including technology companies, security firms and government agencies in the West. Many of the accusations made by this group have been backed by independent researchers and cybersecurity firms, so every new Intrusion Truth announcement is eagerly anticipated and closely analyzed.

No details are yet known about the information that will be revealed once the Intrusion Truth countdown ends, although the cybersecurity community knows it could be a big revelation about cybercriminal groups operating in Asia.