One hour before we were going to publish this post, US Department of Justice unsealed an indictment charging eight i-SOON employees and highlighting the importance of companies like i-SOON in China's cyberthreat landscape.

Cyber threats from China have never stopped evolving; analysts grapple with who Silver Fox is and why they targeted Chinese-speakers, or who was using Shadowpad malware deploying ransomware and what their motivations were. To understand these new developments, we need to keep in mind the dynamics and constraints that Chinese cyberthreat actors face. For this, the i-SOON leaks remain crucial.

After over a year, the Natto Team continues to discover that the i-SOON leaks – product marketing white papers, compromised data samples, chat logs among employees and clients, screenshots and images of business operations from the Chinese information security company i-SOON – are a gift that keeps on giving. For example, the recent Natto Thoughts’ post from Eugenio Beninicasa dug…