A recent data leak has exposed TopSec, a Chinese cybersecurity company established in 1995, for providing censorship-as-a-service solutions alongside its legitimate security services. The company, known for EDR and vulnerability scanning, has been discovered offering specialized monitoring solutions aligned with government intelligence requirements.

The leaked data, analyzed by SentinelOne researchers, contains detailed infrastructure information, employee work logs, and evidence of web content monitoring services used for censorship purposes. A notable revelation includes TopSec’s involvement with a state-owned enterprise affected by a corruption scandal, suggesting the use of these platforms for public opinion control.

Key Findings:
– A “Cloud Monitoring Service Project” contract with Shanghai Public Security Bureau
– Implementation of content monitoring systems for detecting sensitive political content, violence, and inappropriate material
– Utilization of advanced infrastructure technologies including Ansible, Docker, ElasticSearch, Gitlab, and Kubernetes
– Development of a specialized framework called Sparta/Sparda for processing sensitive content through GraphQL APIs

The leak, discovered through a text file uploaded to VirusTotal in January 2025, demonstrates the intricate relationship between Chinese government entities and private cybersecurity firms. While Shanghai Anheng Smart City Security Technology Co. Ltd. secured the monitoring project contract, the leak reveals TopSec’s broader involvement in censorship infrastructure.

This revelation highlights the extensive integration between China’s private cybersecurity sector and government control mechanisms, showcasing a sophisticated system for managing online content and public opinion.