-
A dark web forum member claims to have stolen test data and reports from China’s Rocket Force and Cyber Force.
-
The seller is targeting think tanks but is open to any buyer with a “fair budget,” accepting escrow and cryptocurrency.
-
This follows a massive alleged breach in April of a Chinese supercomputer containing over 10 petabytes of sensitive data.
A hacker is claiming to have hit a goldmine of Chinese military secrets. The individual says they have breached test data and reports from several high-level PLA units. They are now actively looking for buyers.
A Disturbing Listing on a Dark Web Forum
A member of a dark web forum posted an announcement that turned heads. They claim to have stolen sensitive information from China’s military. The post reads like a sales pitch.
“Our team is deciding to sell our fresh Chinese PLA data,” the hacker wrote. They want ‘only serious buyers’ to contact them. The group mentions think tanks as ideal customers. But they are open to anyone with the right budget.
The list of compromised PLA units is staggering. It includes the Chinese People’s Liberation Army Cyberspace Force Technology Research Institute. Another victim is the Institute of Science and Technology Information of the Rocket Force.
The hacker also claims data from the Middle East and African Affairs Analysis Division. The list goes on to include satellite early warning and shipborne electromagnetic systems. Even the Institute of Biological and Medical Engineering appears on it.
The seller promises to provide samples to prove the haul is real. They accept “ALL FORMS OF ESCROW” for safe transactions. The hacker even shared contact details on Matrix, Jabber, Tox, and Telegram. They set up a Telegram channel for future updates on the sale.
A Second Major Breach in Two Months
This scary listing is not an isolated event. It comes just weeks after another massive alleged breach. Earlier last month, a hacker called “FlamingChina” posted evidence that shows he stole a massive amount of data from a supercomputer that belonged to the government of China.
On February 6 they posted a sample on a private Telegram channel. The alleged dataset is over 10 petabytes in size. To put that in perspective, a high-end laptop holds just one terabyte. This haul is thousands of times larger.
According to some experts, the threat actor pulled the data from the National Supercomputing Center in Tianjin. This hub serves over 6,000 clients. These include advanced science and defense agencies.
The compromised information allegedly contains missile schematics and classified defense documents. It also includes research on aerospace, bioinformatics, and fusion simulation.
How Did the Hackers Get in?
The method for the April supercomputer heist sounds alarmingly simple. A cybersecurity researcher named Marc Hofer spoke to the alleged attacker. The hacker claims they got in through a compromised VPN domain. For a complete breakdown of this 10-petabyte breach, including what data was allegedly taken and how the hacker is selling it, read our full coverage here.
Once they got inside, they deployed a botnet. This network of automated programs slowly extracted the data, which took about six months. A SentinelOne consultant, Dakota Cary, checked out the samples. He said the method was effective but not technologically amazing.
The attacker simply pulled small amounts of data from many different servers. This low-and-slow approach helped them avoid triggering any alarms. The hacker is now offering a preview of the dataset for thousands of dollars. Full access costs hundreds of thousands, paid in cryptocurrency.
A Pattern of Weak Cybersecurity
Experts say these breaches point to a deeper problem. Cybersecurity has long been a known weakness in China. The government has even acknowledged this itself. A database with personal info of up to a billion citizens once sat unprotected online some years back.
Cary told CNN that China has “really had poor cybersecurity for a very long time.” He added that this is true across many industries and organizations. If these two alleged breaches are real, they represent a major intelligence windfall. The first hacker wants to sell military test data to the highest bidder. The second is sitting on a 10-petabyte treasure chest of national secrets.
China’s Ministry of Science and Technology has not commented publicly. The Cyberspace Administration of China stayed silent. But let’s be real, the data’s out there. Right now, it’s just another item for sale on the dark web.
