China has accused U.S. intelligence agencies of carrying out a sophisticated cyberattack against one of its foremost commercial cryptography providers, resulting in the theft of vast amounts of sensitive data.
The allegations were announced in a report published Monday by China’s National Computer Network Emergency Response Technical Team/Coordination Center (CNCERT), intensifying digital tensions between the two global powers.
According to CNCERT, the cyberattack occurred earlier this year, when U.S. operatives exploited a previously undisclosed vulnerability in the company’s customer relationship management (CRM) system.
.png
)
This allowed them to implant a highly specialized Trojan, enabling remote control and systematic theft of valuable data. The attackers then moved laterally through the company’s internal network, eventually compromising systems responsible for managing sensitive product and project codes.
The report claims that the breach resulted in the exfiltration of approximately 950 megabytes of confidential business data.
This included records concerning more than 600 users, over 8,000 individual customer profiles, and upwards of 10,000 contract orders, some of which pertained to backbone government agencies.
In addition, CNCERT revealed that roughly 6.2 gigabytes of critical project data – including advanced cryptography research and proprietary development code – were siphoned from the company’s code management platform.
Technical analysis conducted by CNCERT allegedly found that the cyber tools and methods used in the attack bear a striking resemblance to previous operations attributed to U.S. intelligence services.
The report notes that the attacks predominantly took place during U.S. working hours, showcasing considerable expertise in evading detection, such as by frequently switching IP addresses and systematically deleting logs to erase traces of activity.
CNCERT stated it has made extensive details about the incident public, aiming to help other nations and organizations recognize and guard against what it describes as “U.S. cybercrime.”
The organization urged countries worldwide to strengthen their defenses, referencing a growing pattern of state-backed cyber espionage targeting strategic technological infrastructure.
The United States has not yet issued a public response to the latest allegations.
Previously, U.S. officials have regularly denied charges of conducting offensive cyber operations against Chinese enterprises, even as both countries have repeatedly accused each other of cyber intrusions and technology theft in recent years.
As digital security becomes an ever more critical battleground for geopolitical rivalry, experts warn that mutual accusations risk further undermining global cyberspace governance and eroding trust between major technology powers.
The incident underscores the continuing arms race in the cyber domain, with national security, commercial interests, and the privacy of millions at stake.
Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates!
