Documents leaked from private company i-Soon reveal constant attacks against emails and mobile phones of exiles from Tibet, including the Dalai Lama
by Massimo Introvigne
We all knew that Chinese intelligence agencies keep the Tibetan and Uyghur diasporas under surveillance and harass them in many different ways. However, a data leak from the private company Shanghai Anxun Information Technology Co., Ltd. (i-Soon), which occurred on February 18, 2024, probably thanks to an anonymous whistleblower within the corporation, revealed that cyber surveillance has now escalated to a higher and much more dangerous level.
On April 18, the specialized research network Turquoise Roof released a detailed report analyzing the leaked i-Soon data, which mentions Uyghur targets but focuses on Tibetans. The leaked data reveal that among the main clients of i-Soon are “the Chinese police, the People’s Liberation Army, the Ministry of State Security, and the Tibetan regional authorities based in Lhasa.”
The i-Soon company supports a Chinese intelligence project known as “Poison Carp,” which has targeted since 2018 the mobile phones of Tibetans and Uyghurs in exile, including the Dalai Lama himself. The data reveal that in recent years the technology supplied by i-Soon has achieved a much higher level of sophistication. Some of the vulnerabilities in cell phones operating in India and elsewhere that i-Soon exploited were previously unknown to Western experts.
In addition, i-Soon technology was used to spy on commercial email used by thousands of Tibetans abroad. It can be safely assumed that whenever Tibetans in the diaspora, including the highest figures in the Central Tibetan Administration, use non-encrypted email, their messages are known to and analyzed by the Chinese intelligence.
The data also evidenced that i-Soon technology was used to spy on pro-democracy activists in Hong Kong and even on entering the private mailboxes and cell phones of foreign officials, including some working for the police of independent Mongolia and for India’s customs agencies.
Experts warn that Chinese cyber espionage technology appears to be much more advanced than Western intelligence had previously assumed. The i-Soon company was believed to be a comparatively minor player and its technology was not properly analyzed before the February 2024 leak.
Other opponents of China may also safely assume that their cell phones and non-encrypted emails are regular targets of Chinese espionage.