Chinese Silk Typhoon Hackers File Over 10 Patents for Advanced Intrusive Hacking Tools

A SentinelLABS investigation has revealed that businesses linked to the Chinese advanced persistent threat (APT) group Hafnium, also known as Silk Typhoon, have submitted more than ten patents for highly intrusive forensics and data exfiltration methods.

These patents, registered by firms named in recent U.S. Department of Justice (DOJ) indictments, detail offensive capabilities, including encrypted endpoint data acquisition, mobile device forensics, and network traffic interception from routers and appliances.

The findings stem from July 2025 indictments of hackers Xu Zewei and Zhang Yu, who allegedly operated under the direction of China’s Ministry of State Security (MSS) through entities like Shanghai Powerock Network Company and Shanghai Firetech Information Science and Technology Company.

This ecosystem highlights a tiered contracting model where private firms provide tailored cyber-espionage support to state actors, complicating attribution efforts in the threat intelligence domain.

The indicted ...