Chinese hackers indicted in US for Treasury breach, other attacks
Source: AFP
Twelve Chinese nationals, including two public security ministry officers, have been indicted for a series of hacking attacks, including a 2024 breach of the US Treasury, the Justice Department said Wednesday.
Other alleged victims include US-based Chinese dissidents, the foreign ministries of several Asian countries, religious organizations and additional US federal and state government agencies, the department said.
Eight employees of a Chinese company called Anxun Information Technology Co. Ltd, also known as i-Soon, and two Ministry of Public Security officers were indicted in New York for involvement in the alleged hacking of email accounts, cell phones, servers, and websites between 2016 and 2023.
"For years, these 10 defendants -— two of whom we allege are (People's Republic of China - PRC) officials -- used sophisticated hacking techniques to target religious organizations, journalists, and government agencies, all to gather sensitive information for the use of the PRC," acting US attorney Matthew Podolsky said in a statement.
The Justice Department said the private Chinese hackers were paid in some cases by the Chinese ministries of public security and state security to exploit specific victims.
"In many other cases, the hackers targeted victims speculatively," it said, identifying vulnerable computers and then selling hacked information to the Chinese government.
All 20 defendants remain at large and the State Department offered a reward of up to $10 million for information leading to their arrest.
The hacking targets allegedly included a religious organization that sent missionaries to China, an organization focused on promoting human rights and religious freedom in China, a Hong Kong newspaper and the foreign ministries of Taiwan, India, South Korea and Indonesia.
'Silk Typhoon'
A separate indictment was also unsealed in Washington against Yin Kecheng and Zhou Shuai, alleged members of hacker group "APT 27," also known as "Silk Typhoon."
"Yin, Zhou, and their co-conspirators exploited vulnerabilities in victim networks, conducted reconnaissance once inside those networks, and installed malware, such as PlugX malware, that provided persistent access," the Justice Department said.
"Between them, Yin and Zhou sought to profit from the hacking of numerous US-based technology companies, think tanks, law firms, defense contractors, local governments, health care systems, and universities, leaving behind them a wake of millions of dollars in damages."
The United States sanctioned Yin in January for alleged involvement in a hack of the Treasury Department last year.
According to US media outlets, then-Treasury secretary Janet Yellen and other senior Treasury officials were among those targeted.
The State Department announced a reward of $2 million each for information leading to the arrest of Yin and Zhou, who are believed to be in China.
Several countries, notably the United States, have voiced alarm at what they say is Chinese-government-backed hacking activity targeting their governments, militaries and businesses.
Beijing rejects the allegations, and has previously said it opposes and cracks down on cyberattacks.
PAY ATTENTION: Сheck out news that is picked exactly for YOU ➡️ find the “Recommended for you” block on the home page and enjoy!
Source: AFP
