Inside An Xun: Creating pornographic websites, phishing gambling websites, deceiving national security agencies, selling NATO internal information

Recently, information from Shanghai Anxun Information Company was suspected to be leaked by internal staff on GitHub, revealing a massive amount of information. It showed that Anxun provides a variety of "cybersecurity services", such as remote access and control of computer and mobile devices, or querying information of social media accounts, as well as deploying an “internet water army” outside the firewall. Additionally, sensitive information related to national information security was revealed, indicating that the company has infiltrated government departments in NATO as well as in several Asian countries including India, Thailand, Vietnam, and South Korea, and has obtained confidential information.

In the exposé, it can be seen that both iPhone and Android phones can be remotely controlled by them, and designated Twitter accounts can be controlled too. In the process of business development, various dramas were staged, such as impersonating competitors and "dog-eat-dog," targeting customer service computers of gambling websites with phishing.

In the whistleblower’s GitHub account, Anxun is playing a big game:

Special Note: The following content all comes from the whistleblower on GitHub: https://github.com/I-S00N/I-S00N

The truth: Shanghai Anxun is unreliable who scams national government agencies

• Anxun deceives national security agencies
• Employees’ complaints
• Anxun financial issues
• Chat records between Anxun's top leader Wu Haibo and second-in-command Chen Cheng
• Anxun's low-quality products
• Exposing Anxun's products
• Anxun infiltrates overseas government departments, including India, Thailand, Vietnam, South Korea, NATO, etc.
• Anxun employees’ information
• Anxun deceives national security agency

"Juan, does the company really actively create pornographic and nude chat websites?"

This dialogue reveals that Anxun company is suspected of creating pornographic and nude chat websites, however, whether for phishing or proving as "performance", it's unclear.

The following chat record is a bit horrifying:

From this chat record, it can be seen that they were discussing "selling national secrets". Fortunately, they stopped just short of courting disaster. Overall, this is still an internal contradiction among the people, and there is still a chance for redemption.

Employees’ complaints

It is normal for employees to complain, especially during the pandemic, when employees are struggling, and the bosses even more so.

But what kind of experience is it to have all the company’s work group chats on WeChat recorded?

Take a look at this:

Doesn't it make you feel a bit emotional? The soldier has no bullet, and the boss's home has no food.

Shouldn't they depend on each other and overcome the difficulties together? How did they come to the point of hurting each other and openly posting on GitHub?

There were several appearances of the cute Duck Boss, who eventually became an angry Duck Boss, demanding everyone to clock in:

Therefore, many people's promising careers in companies often end up in the hands of the CEO's assistant (regardless of gender).

Anxun financial issues

Finance: Boss, the sales team may go on a collective strike, what should we do?

Boss: Firing them all wouldn't be too much!

At the end of the year, it's indeed a time of polarization within the sales team, but saying "firing them all wouldn't be too much" may sound authoritative, and should just listen and let it go. However, the camp may be solid, but the soldiers are ever-changing. Without seeing the subsequent actions, the company should still persist.

Chat records between Anxun's top leader Wu Haibo and second-in-command Chen Cheng

Boss: "The boy has done a lot of good phishing!"

Above mentioned Anxun creating pornographic and nude chat websites, and the following set of chat records between the company's top two executives confirmed their "dog-eat-dog," targeting some gambling websites with phishing and making catches:

Anxun's low-quality products

Unable to sell NATO Secretary General's information?

Sell it cheaper! I want to buy a bag.

They obtained information on NATO Secretary General, Jens Stoltenberg, but the customer interest was not high, and the male employee lamented whether it could be sold cheaper because he wanted to buy a bag.

It made the author look again for half a day, indeed not a female hacker, but wanting to buy a bag for his girlfriend.

Exposing Anxun's products

Simply looking at one of their price lists, the first impression is that there is nothing they cannot do.

This is about operations related to Twitter accounts:

Their introduction to iOS remote control management system:

After reading these, everyone knows why there have been so many pornographic accounts on Twitter these past two years? In fact, most of these accounts are bought and sold. The author has briefly inquired, learning that a 10-year-old Twitter account could fetch around USD 50-100. Whether someone has utilized Anxun's service in this regard is unknown.

Anxun infiltrates overseas government departments, including India, Thailand, Vietnam, South Korea, NATO, etc.

The author has seen many presentation decks from cybersecurity companies, but this is the first time to see 'endorsed by central authorities' written on a presentation slide in terms of achievements.

In the details of the disclosure, there are many documents named after certain government departments of some countries. However, since they are only screenshots of file lists, it is impossible to judge their authenticity.

Anxun employees’ information

In the author's opinion, the whistleblower should not have shared information about employees’ information. Hence, for visual purposes, this is represented with a cropped screenshot, but if you are interested, you can hop over to GitHub to delve deeper. There are a lot of content, from the bosses to the minions, detailing how much they earn in a year, how much tax they pay, all written clearly.

As of now, Anxun has a total of five companies, with the Sichuan company having the highest number of personnel, totaling 99 people.

Bonus

Overall, An Xun's business is not just a makeshift operation, but rather a widespread and comprehensive endeavor. From hardware for circumventing internet censorship to controlling online commentators, from folders of NATO Secretary General's documents to encrypted Word files from the Indian government, everything is readily available. Who would have thought that even internal chats could become a precious cup of 'tea' in history?

Cybersecurity is not only a national security issue but also an international security issue.

Currently, Shanghai Anxun Information Company has not yet made an official response to this matter. Cybersecurity professionals generally believe that the company needs to publish detailed investigation results and comprehensively review possible security vulnerabilities. Meanwhile, this incident has also sparked calls for strengthened regulation of the cybersecurity industry. It is believed that relevant national departments will intervene in the investigation in a timely manner, clarify the truth of the data leak, assess the potential impact of the leak on national security, and take corresponding measures to prevent similar incidents from happening again.

In the digital age, cybersecurity has become a matter of national security and even an international security issue. The Anxun incident once again reminds all cybersecurity entities to strengthen internal management, strictly comply with laws and regulations, ensure technology is not misused, and jointly maintain a healthy and orderly cyberspace.

(The above information is compiled based on publicly available data on GitHub. Any infringement will be removed upon request.)