On February 18, the first working day after a week-long Lunar New Year holiday, i-SOON, a Chinese information security company on which the Natto team reported last October, posted on its WeChat public account a red banner with the greeting  开工大吉 (kai gong da ji), meaning  “Good luck with your work throughout the new year.” However, this first business day in the year of the Dragon was not so blessed for i-SOON. A massive leak – including i-SOON’s product marketing white papers, compromised data samples, chat logs among employees and clients, screenshots and images related to the company’s business operations from at least 2020 to 2022 – was posted on GitHub. As of this writing, GitHub has taken down the leaked documents. The Associated Press confirmed the leak’s authenticity with two employees of i-SOON.

As various media reports illustrated, the leak “open(s) the lid on China’s commercial hacking industry” and provides “unprecedented insight into t…