US charges seven over wide-ranging hacks

Covers APT41, Barium, Winnti, Wicked Panda, and Wicked Spider threats.

The US Justice Department charged five Chinese residents and two Malaysian businessmen in a wide-ranging hacking effort that encompassed targets from videogames to pro-democracy activists.

Federal prosecutors said the Chinese nationals had been charged with hacking more than 100 companies in the United States and abroad, including software development companies, computer manufacturers, telecommunications providers, social media companies, gaming firms, nonprofits, universities, think-tanks as well as foreign governments and politicians and civil society figures in Hong Kong.

In a statement, US authorities said the intrusions had been tracked by security researchers using the threat labels APT41, Barium, Winnti, Wicked Panda, and Wicked Spider.

APT41's exploits had been tracked closely by FireEye. The Winnti malware hit a number of industrial and other international blue-chip firms mid last year.

Authorities alleged the threat actors "facilitated the theft of source code, software code signing certificates, customer account data, and valuable business information."

"These intrusions also facilitated the defendants’ other criminal schemes, including ransomware and ‘crypto-jacking’ schemes, the latter of which refers to the group’s unauthorised use of victim computers to ‘mine’ cryptocurrency."

US officials stopped short of alleging the hackers were working on behalf of Beijing, but in a statement Deputy Attorney General Jeffrey Rosen expressed exasperation with Chinese authorities, saying they were - at the very least - turning a blind eye to cyber-espionage.

"We know the Chinese authorities to be at least as able as the law enforcement authorities here and in likeminded states to enforce laws against computer intrusions," Rosen said. "But they choose not to."

He further alleged that one of the Chinese defendants had boasted to a colleague that he was "very close" to China's Ministry of State Security and would be protected "unless something very big happens."

"No responsible government knowingly shelters cyber criminals that target victims worldwide in acts of rank theft," Rosen said.

The Chinese Embassy in Washington did not immediately return an email seeking comment. Beijing has repeatedly denied responsibility for hacking in the face of a mounting pile of indictments from US authorities.

Along with the alleged hackers, US prosecutors also indicted two Malaysian businessmen, Wong Ong Hua, 46, and Ling Yang Ching, 32, who were charged with conspiring with two of the digital spies to profit from computer intrusions targeting videogame companies in the United States, France, Japan, Singapore and South Korea.

The Justice Department said the pair operated through a Malaysian firm called SEA Gamer Mall. Messages left with the company were not immediately returned. 

Messages sent to email addresses allegedly maintained by the hackers also received no immediate response.

US Assistant Attorney General for National Security John Demers said that the Malaysian defendants were in custody but were likely to fight extradition.

The Justice Department said it has obtained search warrants this month resulting in the seizure of hundreds of accounts, servers, domain names and "dead drop" Web pages used by the alleged hackers to help siphon data from their victims.

The Department said Microsoft had developed measures to block the hackers and that the company's actions "were a significant part" of the overall US effort to neutralise them.

The company acknowledged this in a statement that applauded government officials for "taking action to protect our customers."

With additional reporting by iTnews
