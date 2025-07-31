Threat Intelligence

Silk Typhoon associated with cyberespionage tool patents

China Flag Made of Binary Code and Chinese Symbols on Red Backgr

(Adobe Stock)

More than a dozen patents for cyberespionage tools allowing Apple device forensics, encrypted endpoint data gathering, and remote router access have been filed by Chinese organizations associated with the state-sponsored threat operation Silk Typhoon, also known as Hafnium, reports The Hacker News.

The U.S. Justice Department's indictment of Chinese nationals Xu Zewei and Zhang Yu over their involvement in the widespread ProxyLogon attacks four years ago accused Zewei and Yu of working for Shanghai Powerock Network Co. Ltd., and Shanghai Firetech Information Science and Technology Company, Ltd., respectively, according to SentinelOne SentinelLabs researchers. Aside from having an ongoing relationship with China's Ministry of State Security, Shanghai Firetech was discovered to have been developing tools for close access operations, with its CEO Yin Wenji and Yu also noted to have been gathering Apple device, router, and defensive equipment data. "The variety of tools under the control of Shanghai Firetech exceeds those attributed to Hafnium and Silk Typhoon publicly. The capabilities may have been sold to other regional MSS offices, and thus not attributed to Hafnium, despite being owned by the same corporate structure," said SentinelLabs' Dakota Cary.

