The US Department of Justice on Wednesday announced charges against five Chinese nationals and two Malaysian nationals for hacking more than a hundred targets in the US and elsewhere that include telecommunication companies universities, and pro-democracy politicians, and activists in Hong Kong.The Justice Department said that the two defendants were arrested in Malaysia while the remaining five defendants, one of whom allegedly boasted of connections to the Chinese Ministry of State Security, are fugitives in China.
The Justice Department charged Zhang Haoran, 35, and Tan Dailin, 35, with 25 counts of conspiracy, wire fraud, aggravated identity theft, money laundering, and violations of the Computer Fraud and Abuse Act (“CFAA”). The indictment charged Zhang and Tan with participating in a “Computer Hacking Conspiracy,” which targeted high-technology and similar organizations.
Whereas, the justice department charged Jiang Lizhi, 35, Qian Chuan, 39, and Fu Qiang, 37, with nine counts of racketeering conspiracy, conspiracy to violate the CFAA, substantive violations of the CFAA, access device fraud, identity theft, aggravated identity theft, and money laundering.
With regard to the two Malaysian nationals, it charged Wong Ong Hua, 46, and Ling Yang Ching, 32, both Malaysian nationals and residents, with 23 counts of racketeering, conspiracy, identity theft, aggravated identity theft, access device fraud, money laundering, violations of the CFAA, and falsely registering domain names.As per the justice department’s statement, the intrusions, which security researchers have tracked using the threat labels “APT41,” “Barium,” “Winnti,” “Wicked Panda,” and “Wicked Spider,” facilitated the theft of source code, software code signing certificates, customer account data, and valuable business information.The Justice Department further informed that there were 100 victim companies, organizations, and individuals in the United States and around the world, including in Australia, Brazil, Chile, Hong Kong, India, Indonesia, Japan, Malaysia, Pakistan, Singapore, South Korea, Taiwan, Thailand, and Vietnam.
The defendants also compromised foreign government computer networks in India and Vietnam, and targeted, but did not compromise, government computer networks in the United Kingdom.”The Department of Justice has used every tool available to disrupt the illegal computer intrusions and cyberattacks by these Chinese citizens. Regrettably, the Chinese Communist Party has chosen a different path of making China safe for cybercriminals so long as they attack computers outside China and steal intellectual property helpful to China,” said Deputy Attorney General Jeffrey A. Rosen.
FBI Deputy Director David Bowdich said that the verdict announcements demonstrate the ramifications faced by hackers in China but called it as a reminder to “those who continue to deploy malicious cyber tactics that we will utilize every tool we have to administer justice”.”The arrests in Malaysia are a direct result of the partnership, cooperation, and collaboration. As the cyber threat continues to evolve larger than any one agency can address, the FBI remains committed to being an indispensable partner to our federal, international and private sector partners to stop rampant cyber crime and hold those carrying out these kinds of actions accountable,” the deputy director added.