{"id":10272,"date":"2018-08-21T14:35:13","date_gmt":"2018-08-21T14:35:13","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/29246\/Meet-Intrusion-Truth-The-Mysterious-Group-Doxing-Chinese-Intel-Hackers.html"},"modified":"2018-08-21T14:35:13","modified_gmt":"2018-08-21T14:35:13","slug":"meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/","title":{"rendered":"Meet Intrusion Truth, The Mysterious Group Doxing Chinese Intel Hackers"},"content":{"rendered":"

People come and go from the large, grey complex, with one tall building towering over a garden facing a road in Tianjin, China. But according to alleged Uber receipts and other information posted on a mysterious blog called Intrusion Truth, at least one person traveling to this address is a member of APT10, a Chinese hacking unit that has targeted manufacturing, aerospace, and engineering firms to steal trade secrets, including from the United States.<\/p>\n

Since the end of July, Intrusion Truth has steadily published a stream of alleged names of individual APT10 hackers, a bold and unusual move in the world of cyber-espionage, where operators typically remain anonymous, and cybersecurity companies only publish descriptions of victims in broad strokes. Multiple sources with knowledge of APT10\u2019s operations told Motherboard some of the details in Intrusion Truth\u2019s posts lineup with other data points on the Chinese group. Motherboard granted several sources in this story anonymity to discuss non-public information about government hacking operations.<\/p>\n

Intrusion Truth and its controversial approach bring up questions of the ethics of unmasking government-backed hackers, and whether such moves may act as some sort of deterrent, or at least retribution, against state-sponsored cyber-espionage.<\/p>\n

\u201cWe will work with companies, private analysts, hackers, governments\u2014whoever can provide the data that we need,\u201d a representative of Intrusion Truth told Motherboard in an email.<\/p>\n

**<\/p>\n

China has hacked its way to other nation\u2019s manufacturing secrets for years, ransacking military fighter jet schematics<\/a> and information on solar power<\/a>, among other industrial treasures. This near constant barrage eventually pushed former President Obama into brokering a deal with Chinese President Xi. In 2015, the two countries reached an agreement<\/a> to stop hacking focused on the theft of intellectual property. Cybersecurity researchers saw Chinese cyber-espionage dramatically decrease<\/a>. This year, however, Chinese hackers stole sensitive data<\/a> from a Navy contractor, and the country has ramped up intrusions<\/a> in parallel with mounting trade tensions with the US.<\/p>\n

This is the sort of wide-spanning industrial espionage that Intrusion Truth is particularly motivated against.<\/p>\n

\u201cIntellectual property theft is a global confrontation fought between the West and its online adversaries, mainly China. This theft damages hard working individuals, their companies and entire economies through lost revenue and competition that is completely unfair,\u201d Intrusion Truth told Motherboard.<\/p>\n

\u201cUntil recently, China has been winning\u2014it has acted with impunity, stealing data using commercial hackers that it pays and tasks but later claims are criminals. The use of commercial hackers is a deliberate attempt to circumvent the statements that China has made committing to stop this illegal activity,\u201d the group added.<\/p>\n

\"\"<\/p>\n

Caption: An image of the complex visited by one of the alleged APT10 hackers. Image: Screenshot, via Intrusion Truth.<\/p>\n<\/div>\n

Intrusion Truth first published snippets on APTs\u2014advanced persistent threats; essentially industry parlance for government-backed hackers\u2014last year. When it started, Intrusion Truth was focused on APT3, another Chinese group<\/a>. At the time, and based on publicly available website registration information and other data, Intrusion Truth claimed that APT3 was really \u2018Boyusec,\u2019<\/a> a software-company acting on behalf of China\u2019s Ministry of State Security (MSS) intelligence service. Intrusion Truth also named two specific individuals, Wu Yingzhuo<\/a> and Dong Hao<\/a>, the founding members of Boyusec. Seemingly in response, the Boyusec website went offline<\/a>.<\/p>\n

Sure enough, six months later, the US Department of Justice charged<\/a> Yingzhou, Hao, and Xia Lei, a third Chinese national who also worked for Boyusec, with computer hacking and other related crimes. The indictment named European manufacturing giant Siemens as one of the group\u2019s victims. The hackers haven\u2019t been arrested, but as Intrusion Truth pointed out in a post-mortem of the charges<\/a>, the Boyusec crew will likely find it harder to travel abroad now without the threat of being detained. (There is no indication that Intrusion Truth\u2019s posts led directly to the indictment).<\/p>\n

After a year of public dormancy, Intrusion Truth reemerged and shifted its focus to APT10, which is another top tier Chinese cyber-espionage group according to cybersecurity researchers.<\/p>\n

\u201cRight now they\u2019re one of probably the two or three most prolific Chinese groups out there,\u201d Ben Read, senior manager for cyber-espionage analysis at FireEye, which has tracked the outfit since 2009<\/a>, told Motherboard in a phone call. “One of the biggest things that makes them different is their scale right now,” Read added.<\/p>\n

Multiple cybersecurity firms have linked APT10 to hacks against victims in the US, UK, India, and elsewhere, including a mining company<\/a>, multiple IT service providers, and manufacturing firms. APT10 has a habit of targeting Managed Service Providers<\/a> (MSPs)\u2014companies that remotely provide tech products to clients\u2014and then using that privileged access to infiltrate their ultimate targets.<\/p>\n

\u201cThey really have global reach,\u201d Read said.<\/p>\n

Got a tip? You can contact this reporter securely on Signal on +44 20 8133 5190, OTR chat on jfcox@jabber.ccc.de, or email joseph.cox@vice.com.<\/em><\/strong><\/p>\n

Intrusion Truth has published the names of three alleged APT10 hackers. One source who has researched APT10\u2019s operations said some of those names do overlap with non-public information about the group, as well as Intrusion Truth\u2019s claim that at least one of the hackers is based in Tianjin.<\/p>\n

None of the alleged hackers unmasked by Intrusion Truth responded to requests for comment from Motherboard.<\/p>\n

Intrusion Truth\u2019s posts include details of how the group allegedly identified its targets. Much of this appears to rely on building on already public reports from cybersecurity companies, following hacking infrastructure to email addresses, and then to social media accounts and other online records.<\/p>\n

But the Uber receipts mapping an alleged APT10 hacker\u2019s trips are clearly something else, likely requiring breaking into the person\u2019s Uber account, or intercepting their use of the app some other way, multiple cybersecurity researchers said.<\/p>\n

When asked about this specific data, Intrusion Truth told Motherboard \u201cWe won’t comment on where our material originates, other than to say that everything we publish we know to be true.\u201d In its Tianjin post, Intrusion Truth writes that \u201can analyst who prefers not to be named publicly\u201d provided the screenshots.<\/p>\n

**<\/p>\n

Cybersecurity companies publishing reports on government hacking groups may provide the real names of hackers to their clients, but usually don\u2019t release them publicly.<\/p>\n

\u201cWe won\u2019t achieve anything by publicly naming,\u201d Andrei Barysevich, director of advanced collection at threat intelligence firm RecordedFuture, told Motherboard at the annual Black Hat cybersecurity conference earlier this month. Likely the only time the company may publish names is in a direct collaboration with law enforcement, a RecordedFuture spokesperson added. Legal issues are also a concern\u2014accusing someone of being a government hacker, and likely a criminal in some contexts, without robust evidence could open up a company to libel cases.<\/p>\n

\u201cThere\u2019s no upside,\u201d Barysevich said. Several other cybersecurity researchers felt the same.<\/p>\n

Intrusion Truth, awarded the protection of anonymity and free from commercial liability, is taking another approach.<\/p>\n

\u201cWe are directly challenging this illegal and unfair activity by exposing those responsible, naming the hackers themselves and identifying the agencies that hide behind them. We will be tireless in our approach and already have a large network of analysts working with us,\u201d Intrusion Truth told Motherboard.<\/p>\n

\"\"<\/p>\n

Caption: Satellite imagery of a company Intrusion Truth says is connected to APT10. Image: Screenshot, via Intrusion Truth.<\/p>\n<\/div>\n

There may be merit to naming and shaming. In 2014, the Justice Department indicted five Chinese military hackers<\/a> for conducting cyber-espionage against several US targets. But this likely wasn\u2019t the sole reason China came to the negotiation table and the country\u2019s cyber-espionage subsided.<\/p>\n

\u201cIf you believe the agreement signed by Obama and Xi had an effect, then it was the combination of naming and shaming and the very real threat of sanctions on state-owned enterprises and very high level officials that eventually brought the levels of hacking down,\u201d Adam Segal, director of the Digital and Cyberspace Policy Program at the Council of Foreign Relations, told Motherboard in an email. \u201cIf you believe the reprieve was temporary, driven by the reorganization of the cyber forces in the PLA [China\u2019s People\u2019s Liberation Army], as I do, then you think Chinese industrial cyber-espionage is going to continue given Beijing\u2019s strategic and economic interests.\u201d<\/p>\n

One cybersecurity source with knowledge of Chinese APTs said that generally speaking the Chinese are not concerned with being caught; they only care about being successful.<\/p>\n

Segal said naming and shaming would have to be married with other actions to have consequences. Intrusion Truth, it seems, knows this: they urge governments to tell China that commercial espionage cannot continue. \u201cOnly be acting together can they make a difference.\u201d Intrusion Truth told Motherboard.<\/p>\n

But triggering a grand, macro-level shift in China\u2019s hacking policy is not necessarily Intrusion Truth\u2019s goal anyway. Instead, it\u2019s more about impacting those particular hackers they manage to name.<\/p>\n

\u201cWe want individuals hacking on behalf of the Chinese state to think twice about their illegal online activities,\u201d Intrusion Truth told Motherboard. \u201cLike the APT1 and APT3 hackers before them, once named, their chances of international travel or obtaining private work outside China are greatly reduced and they risk being charged by foreign law enforcement agencies,\u201d they added, with APT1 referring to a group that cybersecurity firm FireEye linked to a specific Chinese military unit<\/a> in 2013.<\/p>\n

Jake Williams, a former hacker for the NSA\u2019s Tailored Access Operations unit, told Motherboard in an email \u201cNaming individuals is a potential deterrent to crime, but that’s not what we’re talking about here,\u201d saying that nation state hackers work within the laws of their own countries while breaking legislation in others. \u201cOnly time can tell if naming individual operators will impact recruiting and retention for those missions.\u201d A group of self-described hackers called The Shadow Brokers, and which released a slew of powerful NSA exploits, previously called out Williams specifically<\/a> for his work with the NSA.<\/p>\n

It is not clear who is behind Intrusion Truth. In the headline of one post<\/a>, the group asks which Chinese group is stealing \u201cour intellectual property,\u201d alluding to APT3\u2019s hacks in the UK and US. Intrusion Truth, unsurprisingly, declined to provide specifics on its members or identities. But they do claim to be comprised of \u201canalysts,\u201d combing through data provided to them or digging up their own links.<\/p>\n

\u201cAn individual that joined us this year likened the work of Intrusion Truth to that of the \u2018Black Knights\u2019 who had to paint their armour with dark paint to mask their affiliation and protect their identities. But too many people are preoccupied with our colour, asking whether we are a red force or a blue force, whether we wear black hats or white hats,\u201d Intrusion Truth said.<\/p>\n

\u201cWe will never name ourselves or those who work with us. Our ability to contest China’s despicable activities in Cyberspace is derived precisely from our anonymity,\u201d they added. \u201cThat, and our willingness to tell the whole truth.\u201d<\/p>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":10273,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[1471],"class_list":["post-10272","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinehackergovernmentchinacyberwar"],"yoast_head":"\nMeet Intrusion Truth, The Mysterious Group Doxing Chinese Intel Hackers 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Meet Intrusion Truth, The Mysterious Group Doxing Chinese Intel Hackers 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-08-21T14:35:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/08\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"320\" \/>\n\t<meta property=\"og:image:height\" content=\"154\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Meet Intrusion Truth, The Mysterious Group Doxing Chinese Intel Hackers\",\"datePublished\":\"2018-08-21T14:35:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\\\/\"},\"wordCount\":1828,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/08\\\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers.jpg\",\"keywords\":[\"headline,hacker,government,china,cyberwar\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\\\/\",\"name\":\"Meet Intrusion Truth, The Mysterious Group Doxing Chinese Intel Hackers 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/08\\\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers.jpg\",\"datePublished\":\"2018-08-21T14:35:13+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/08\\\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/08\\\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers.jpg\",\"width\":320,\"height\":154},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,government,china,cyberwar\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackergovernmentchinacyberwar\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Meet Intrusion Truth, The Mysterious Group Doxing Chinese Intel Hackers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Meet Intrusion Truth, The Mysterious Group Doxing Chinese Intel Hackers 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/","og_locale":"en_US","og_type":"article","og_title":"Meet Intrusion Truth, The Mysterious Group Doxing Chinese Intel Hackers 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-08-21T14:35:13+00:00","og_image":[{"width":320,"height":154,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/08\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Meet Intrusion Truth, The Mysterious Group Doxing Chinese Intel Hackers","datePublished":"2018-08-21T14:35:13+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/"},"wordCount":1828,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/08\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers.jpg","keywords":["headline,hacker,government,china,cyberwar"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/","url":"https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/","name":"Meet Intrusion Truth, The Mysterious Group Doxing Chinese Intel Hackers 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/08\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers.jpg","datePublished":"2018-08-21T14:35:13+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/08\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/08\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers.jpg","width":320,"height":154},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/meet-intrusion-truth-the-mysterious-group-doxing-chinese-intel-hackers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,government,china,cyberwar","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackergovernmentchinacyberwar\/"},{"@type":"ListItem","position":3,"name":"Meet Intrusion Truth, The Mysterious Group Doxing Chinese Intel Hackers"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/10272","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=10272"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/10272\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/10273"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=10272"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=10272"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=10272"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}