
A hacker has allegedly breached one of China’s supercomputers and is attempting to sell a trove of stolen data

A hacker allegedly stole a large amount of sensitive data, including highly classified defense documents and missile schematics, from a state-run Chinese supercomputer, in what could potentially be the largest known data heist from China.

The data set, which allegedly contains more than 10 petabytes of sensitive information, is believed to have been obtained from the National Supercomputing Center (NSCC) in Tianjin, a central hub that provides infrastructure services to more than 6,000 customers across China, including advanced scientific and defense institutions, experts said.

Cyber experts who spoke to the alleged hacker and examined samples of stolen data he posted online said the hacker was able to gain access to the massive computer relatively easily and export huge amounts of data undetected for several months.

An account calling itself FlamingChina posted a sample of the alleged dataset on an anonymous Telegram channel on February 6, claiming it contained “research in a variety of fields, including aerospace engineering, military research, bioinformatics, fusion simulation, and more.”

The group claims the information is linked to “top organizations” such as the Aviation Industry Corporation of China, China Commercial Aircraft Corporation and the National University of Defense Technology.

CNN has reached out to China’s Ministry of Science and Technology as well as the Cyberspace Administration of China for comment.

The National Supercomputer Center building in Tianjin, China, on August 18, 2015 – Simon Song/South China Morning Post/Getty Images

Cybersecurity experts who reviewed the data say the group offered a limited preview of the alleged dataset for thousands of dollars and full access for hundreds of thousands of dollars. Payment was requested in cryptocurrency.

CNN cannot verify the origin of the alleged dataset and the claims made by FlamingChina, but has spoken to multiple experts whose initial assessments of the leak indicate that it is real.

The alleged sample data appeared to include documents marked “secret” in Chinese, as well as technical files, animated simulations, and images of defense equipment including bombs and missiles.

“These are exactly what I expected to see from the supercomputing center,” said Dakota Cary, a consultant at cybersecurity firm SentinelOne who focuses on China and examined samples posted online from the alleged attack.

“You use supercomputer centers for large computing tasks. The stacks of samples offered by vendors really speak to the breadth of customers that this supercomputer center has,” Cary said.

He added that most of these customers will have little reason to maintain their own supercomputing infrastructure independently.

Intelligence value

The Tianjin center, the first of its kind in China when it opened in 2009, is one of several supercomputing centers located in major cities such as Guangzhou, Shenzhen and Chengdu.

The size of the dataset will make it attractive to hostile state intelligence services, according to Marc Hofer, a cybersecurity researcher and author of the NetAskari blog.

“They’re probably the only ones who have the capacity to work through all that data and come back with something useful.”

To put the scale in perspective: One petabyte equals 1,000 terabytes, and a high-spec laptop usually holds around one terabyte.

“There are leaks from China’s cyber ecosystem that I’m familiar with that are selling very quickly,” Cary told CNN. “I’m sure there are many governments around the world that are interested in some of the data from the NSCC, but many of the interested governments may already have the data.”

How did the hacker gain access?

Hofer, who examined the leak sample, said that he was able to contact a person who claimed to have carried out the hack via Telegram. The attacker claimed to have gained access to the Tianjin supercomputer via a compromised VPN domain.

Once inside, the attacker told Hofer that they had deployed a “botnet,” a network of automated programs that could hack into NSCC’s system and then extract, download, and store data. It took approximately six months to extract 10 petabytes of data.

CNN could not independently verify the account the hacker gave Hofer.

Cary said the approach is more about architecture than technical complexity.

“You can think of it as having a bunch of different servers that you have access to, and you’re pulling data through this hole in NSCC’s security, some to one server, some to another,” he said.

By distributing the extraction across many systems simultaneously, the attacker reduced the risk of triggering an alert. Cary said someone on the defense side is less likely to notice small amounts of data leaving the system compared to large amounts of data going to one place.
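The detection gap Cary describes, as an added example that is not part of the original article: a per-destination volume rule run next to a per-source aggregate over the same constructed flow records. Host names, addresses, volumes and thresholds are all assumptions made for illustration.

```python
from collections import defaultdict

GB = 10**9

def build_sample_flows():
    """Constructed daily egress records: (day, internal_source, external_dest, bytes_out)."""
    flows = []
    for day in range(1, 8):
        # Ordinary host: one destination, moderate daily volume.
        flows.append((day, "hpc-login-01", "203.0.113.10", 40 * GB))
        # Host whose egress is spread thinly over 30 destinations, 8 GB each per day.
        for i in range(30):
            flows.append((day, "hpc-store-07", f"198.51.100.{i + 1}", 8 * GB))
    return flows

def per_destination_alerts(flows, limit_bytes):
    """Naive rule: alert when a single (source, destination) pair exceeds the daily limit."""
    return sorted({(src, dst) for _, src, dst, b in flows if b > limit_bytes})

def aggregate_alerts(flows, total_limit_bytes, fanout_limit):
    """Sum egress per source over the whole window and count distinct destinations.

    A source is flagged when both its total volume and its destination fan-out
    exceed the limits, regardless of how small each individual flow is.
    """
    totals = defaultdict(int)
    dests = defaultdict(set)
    for _, src, dst, b in flows:
        totals[src] += b
        dests[src].add(dst)
    return {
        src: (totals[src], len(dests[src]))
        for src in totals
        if totals[src] > total_limit_bytes and len(dests[src]) > fanout_limit
    }

if __name__ == "__main__":
    flows = build_sample_flows()
    # No single flow crosses 50 GB/day, so the per-destination rule stays silent.
    print("per-destination:", per_destination_alerts(flows, 50 * GB))
    # Over the week, one source has sent 1,680 GB to 30 destinations.
    for src, (total, fanout) in aggregate_alerts(flows, 1000 * GB, 10).items():
        print(f"aggregate: {src} sent {total // GB} GB to {fanout} destinations")
```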

Cary added that while the method is effective, it’s not particularly unique.

“There was nothing particularly incredible about the way they uncovered this information, at least from what I had read,” he said.

Staff members walk past the Tianhe-1 supercomputer at the National Supercomputer Center in Tianjin, China, on November 2, 2010. - VCG/Getty Images

Vulnerabilities

The alleged breach, if real, points to a potentially deeper vulnerability in China’s technology infrastructure as it competes with the United States to become a world-class technology innovator and artificial intelligence leader. According to Cary, cybersecurity has long been a known weakness in both the government and private sectors.

In 2021, a massive online database apparently containing the personal information of up to a billion Chinese citizens was left unprotected and publicly available for more than a year until an anonymous user on a hacker forum offered to sell the data, bringing it to wider attention in 2022.

“For so long, across so many industries and organizations, their cybersecurity has been really poor,” Cary told CNN. “If you look at what Chinese policymakers themselves say, cybersecurity in China is not good. They might say it’s still improving right now.”

China’s own government has acknowledged this.

The country’s 2025 National Security White Paper listed building “robust security barriers for the network, data, and artificial intelligence sectors” as a key priority, adding: “China has continued to strengthen the development of coordinated cybersecurity mechanisms, tools, and platforms to ensure the security and reliability of core information infrastructure.”
