The U.S. Department of Justice charged five Chinese nationals and two Malaysian nationals in a massive hacking scheme that targeted more than 100 companies.
The two Malaysian hackers were taken into custody, but the Chinese hackers remain fugitives in China. The Chinese hackers were identified as Zhang Haoran, Tan Dailin, Qian Chuan, Fu Qiang, and Jiang Lizhi, all of whom were part of the Chinese government-affiliated APT41 group, which targeted more than 100 companies in the U.S. and abroad in various industries.
The #FBI and our partners today announced charges against five Chinese nationals for their alleged activities, including unauthorized access to protected computers, money laundering, and fraud. https://t.co/ABDiYqm4GC pic.twitter.com/4q8e16TL7d
— FBI (@FBI) September 16, 2020
One of the Chinese hackers called himself “very close” to China’s Ministry of State Security, Deputy Attorney General Jeffrey Rosen said.
“These criminal acts were turbo-charged by a sophisticated technique referred to as a ‘supply chain attack,’ in which the Chinese hackers compromised software providers around the world, and modified the providers’ code to install backdoors that enabled further hacks against the software providers’ customers,” Rosen said.
The hackers also infiltrated video game companies’ networks and stole in-game resources to sell illegally on their website.
Rosen said the DOJ and FBI worked with Microsoft, Google, Facebook, Verizon, and three other partners to “identify and neutralize” the servers, malware, domains, and other hacking tools used by APT41.
Rosen added that the federal government has “used every tool available to disrupt the illegal computer intrusions and cyberattacks by these Chinese citizens.”
“Ideally, I would be thanking Chinese law enforcement authorities for their cooperation in this matter and the five Chinese hackers would now be in custody awaiting trial,” Rosen said. “Unfortunately, the record of recent years tells us that the Chinese Communist Party has a demonstrated history of choosing a different path, that of making China safe for their own cyber criminals, so long as they help with its goals of stealing intellectual property and stifling freedom.”
Cybersecurity company FireEye has previously reported on APT41’s activities. In March, FireEye said it observed APT41 conducting “one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years.”