In its latest series of exposés the anonymous white-hat group Intrusion Truth has revealed the secret identities of individuals it claims are behind APT17 cyber-espionage group. APT17 (also known as Deputy Dog and Axiom) is a China-based hacking group, which is thought to be responsible for multiple cyberattacks against various organizations – from private companies to government entities all over the world.
According to Intrusion Truth, one of the members is a man called Guo Lin, who is believed to be an officer of the Chinese Ministry of State Security (MSS). He also appears to have links to four Chinese tech companies namely Jinan Quanxin Fangyuan Technology, Jinan Anchuang Information Technology, Jinan Fanglang Information Technology and RealSOI Computer Network Technology.
Two other members of APT17 are Wang Qingwei and Zeng Xiaoyong, according to Intrusion Truth. Wang Qingwei is a representative of the Jinan Fanglang company while Zeng Xiaoyong goes online under an alias of “envymask” and is a well-known member of Chinese hacking circles and is a member of the ph4nt0m group, Intrusion Truth claims.
All three of above-mentioned individuals live in the city of Jinan, the capital of Shandong province, and supposedly work as contractors for the Jinan bureau of the MSS conducting hacking operations on behalf of MSS.
It is not the first time when APT-doxing group exposed the identities of members of various hacking groups. In May 2017 and August 2018 Intrusion Truth identified several hackers involved in cyber operations carried out by Chinese-linked APT groups namely APT10 (Cloud Hopper) and APT3.