Shanghai Tech Company’s Latest Internet Attack Unveils Alleged Chinese Communist Party Involvement

A network security company closely associated with China’s national security system has been found to have applied for multiple offensive network technology patents, including the ability to remotely recover Apple device files without physical contact. Network researchers believe that these technologies may be linked to Chinese-supported hacker organizations like “Silk Typhoon,” indicating an ongoing escalation of China’s cyber espionage activities.

On July 30th, multiple overseas media outlets revealed that Firetech, a well-known Chinese network security company based in Shanghai, had applied for over ten offensive technology patents, including the capability to remotely recover Apple device files without physical contact. According to a report recently released by SentinelLabs, a research team under the U.S. network security company SentinelOne, Firetech has submitted over a dozen patents in recent years, involving sensitive technologies such as “remote evidence collection,” “smart home forensics” (extracting and analyzing data from devices), and “Apple device data recovery.”

The report pointed out that Firetech’s patents demonstrate a high level of expertise in “remote penetration” and “covert forensics,” with some technical features highly similar to tools used by the “Silk Typhoon” organization previously accused by the U.S. Department of Justice. This organization, believed to cooperate with the Shanghai branch of China’s national security agency, has conducted attacks targeting global entities including COVID-19 vaccine research institutions.

In July this year, the U.S. Department of Justice indicted two Chinese hackers, Xu Zewei and Zhang Yu, alleging that they were employed by a company linked to Shanghai’s Firetech and involved in attacks against U.S. vaccine research institutions between 2020 and 2021. It is claimed that Xu Zewei, upon successful intrusion, handed over researchers’ email content to the Shanghai police. Following his arrest in Italy in early July, Xu was extradited to the U.S. for trial.

Chinese network engineer Mr. Li, interviewed by Epoch Times, stated that in recent years, the Chinese Communist Party (CCP) has shifted its network strategy from defense to offensive actions, with targets predominantly in the U.S., Europe, and Japan. He said, “These situations have long existed, with broad targets, and the developed technologies possess national-level network warfare capabilities, with a level of systematization far exceeding traditional hacker tools. Their purposes are both to steal technology and information, and for intelligence reconnaissance and counter-espionage.”

SentinelLabs specifically noted that one closely scrutinized Firetech patent claims the ability to remotely recover data within Apple devices without any physical contact. Researchers pointed out that such functionality had not previously appeared in toolkits of known Chinese-supported hacker organizations like “Silk Typhoon” or “Hafnium,” potentially representing a significant breakthrough for China’s cyber army.

Regarding this, Mr. Li added that CCP-supported hacker teams typically have multilingual capabilities, including Russian and Korean, with targets spread globally. “They are dispersed around the world, and some have been involved in technical research at companies like Google and Apple. After last year’s layoffs at Google’s tech department, it is rumored that some individuals were recruited by Chinese companies with high salaries.”

In addition to Apple devices, Firetech has also submitted multiple patents related to smart home systems, including “smart home analytics platform,” “remote home network control system,” and “smart home evidence collection system.” These technologies are considered to have environmental monitoring, behavioral modeling, and remote monitoring functions, potentially seriously infringing on user privacy.

Researcher Dakota Cary of SentinelLabs stated in the report, “The types and complexity of technologies developed by Firetech surpass even the known attack tools of ‘Silk Typhoon’ and ‘Hafnium.’ China’s national security agencies are rapidly expanding their network warfare capabilities through private enterprises.”

Network researcher Zhang Jie (pseudonym), currently residing in Australia, told Epoch Times that the patents applied for by Shanghai’s Firetech may just be the tip of the iceberg. He said that China’s current methods of stealing foreign data are more covert and technologically advanced than before: “The CCP outsources sensitive tasks through private companies, develops antivirus software and provides VPN services under the guise of legitimate corporations to evade international accountability. The West still lacks sufficient attention to this issue, usually requiring reports from specialized teams before foreign governments begin to intervene.”

Journalists attempted to contact Firetech but had not received any response by the time of publication.

While the reports above could not confirm the widespread deployment of these technologies, security experts are generally concerned that similar, seemingly “legitimate” network tools are quietly building a secretive and powerful national-level intelligence acquisition system. Researchers caution that as the boundaries blur between the CCP government and private enterprise, future cyber attacks will be increasingly difficult to track and hold accountable.

Zhang Jie stated that with the continued escalation of the CCP’s cyber offensives, the patent case of Shanghai’s Firetech has garnered significant international attention. How to effectively guard against national-level cyber espionage activities while safeguarding technological development and commercial innovation is becoming a common challenge faced by governments and security organizations worldwide.