[BreachExchange] Chinese Nationals Charged With Hacking Attacks

Destry Winant destry at riskbasedsecurity.com
Fri Sep 18 09:57:21 EDT 2020


https://www.cfo.com/cyber-security-technology/2020/09/chinese-nationals-charged-with-hacking-attacks/

U.S. authorities announced that five Chinese nationals linked to a
China-backed hacking group have been charged with breaking into the
computer systems of more than 100 companies in the U.S. and abroad.

Two of the five alleged hackers — Zhang Haoran, 35, and Tan Dailin, 35
— were indicted by a grand jury in August 2019 while Jiang Lizhi, 35,
Qian Chuan, 39, and Fu Qiang, 37, were indicted by a separate grand
jury in August 2020.

According to the Department of Justice, the five are members of
“APT41,” which cybersecurity firm FireEye has described as “a prolific
cyber threat group that carries out Chinese state-sponsored espionage
activity in addition to financially motivated activity potentially
outside of state control.”

“Ideally, I would be thanking Chinese law enforcement authorities for
their cooperation in this matter and the five Chinese hackers would
now be in custody awaiting trial,” Deputy Attorney General Jeffrey
Rosen said at a news conference.

“Unfortunately, the record of recent years tells us that the Chinese
Communist Party has a demonstrated history of choosing a different
path, that of making China safe for their own cybercriminals, so long
as they help with its goals of stealing intellectual property and
stifling freedom,” he added.

Prosecutors said Zhang and Tan have been committing computer hacking
offenses since at least May 2011, using spear-phishing emails and
“supply chain attacks” to install undetectable malware in the networks
of high-tech and similar organizations.

They also allegedly hacked video game companies, obtaining and
otherwise generating digital items of value such as video game
currency and then selling them for profit.

The other indictment charged Jiang, Qian, and Fu with conspiring to
commit a “sprawling array” of hacks against organizations to steal
source code and facilitate ransomware schemes.

“The United States government is starting to turn the tide on Chinese
intrusion operations on Western companies and targets,” Adam Meyers,
CrowdStrike’s head of threat intelligence, told The New York Times.

John Hultquist, senior director of analysis at Mandiant, told
TechCrunch that APT41 conducted primarily financially motivated
operations focused on the video game industry before expanding into
traditional espionage.

