Cyber Incident Victim: Chinanews
Date: Jun 2015
Location: China
Summary
A major Chinese state-owned news agency experienced a cyberattack resulting in over an hour of service disruption, with partial restoration occurring within the same night. The attackers defaced the homepage with a ransom demand, instructing payment to a specified bank account and leaving a Tencent QQ ID as contact. Persistent formatting issues and operational disruptions affected the website and sub-channels for an extended period following the initial compromise. The incident displayed characteristics of an attempted extortion, though no party claimed responsibility, and the victim organization provided minimal public details about the attack. Service recovery efforts were ongoing at the time of reporting.
Description
On the evening of June 3, 2015, Chinanews.cn—the official website of China’s second-largest state-owned news agency—experienced a cyber attack that disrupted its online services for over an hour starting around 11 PM. Attackers compromised the website’s homepage, replacing its normal content with a one-sentence message containing a bank account number at the Industrial and Commercial Bank of China and an ID number linked to Tencent QQ, a popular instant messaging platform in China. The message demanded an unspecified payment to the provided account, vowing to "right the wrong" only after receiving the funds. By midnight, Chinanews had partially restored some services, though formatting issues persisted across its homepage and sub-channels. The Beijing Times reported the incident via its official microblog, sharing a screenshot of the defaced page as evidence. No group or individual claimed responsibility for the attack during the initial response period.

Service disruptions continued into the afternoon of June 4, with technical teams working to resolve lingering formatting problems. Chinanews staff confirmed the attack to the South China Morning Post but declined to provide further details, stating only that they were "trying our best to get back to being fully operational" and had "nothing to release at this moment about the hacking attack." Most mainland Chinese media outlets did not report the incident, limiting public awareness. The attackers’ use of a domestic bank account and QQ ID suggested a financially motivated blackmail attempt rather than a politically driven operation. While the agency avoided prolonged downtime, the breach highlighted vulnerabilities in critical state-affiliated media infrastructure. The incident remained unresolved by the time of reporting, with no official updates on investigation progress or perpetrator identification.
