Security researchers have uncovered more than a dozen patents for offensive cybersecurity tools filed by Chinese companies allegedly tied to Beijing's Silk Typhoon espionage crew.
SentinelLabs, the research arm of SentinelOne, rifled through a newly unsealed indictment from the US Department of Justice and identified at least 16 patents linked to China's Ministry of State Security (MSS) that were filed between 2014 and 2020 by two now-infamous front companies: Shanghai Powerock and Shanghai Huayun Firetech.
Both companies were previously linked to the Silk Typhoon crew, also known by the Microsoft moniker "Hafnium," which first made headlines in 2021 after exploiting zero-day flaws in Microsoft Exchange to compromise tens of thousands of systems worldwide. The Chinese government crew is also believed to be behind the December break-in at the US Treasury Department.
While Silk Typhoon's handiwork has been well documented, these newly surfaced patents shed light on the tools behind the operation: utilities for decrypting hard drives, network traffic sniffers, forensic software, and even spyware tools designed to remotely recover files from Apple devices, something SentinelLabs researcher Dakota Cary notes has "not been documented as a capability used by Hafnium or any related threat actor groups."