US charges five Chinese nationals for global hacking operations affecting over 100 companies
Sep 18, 2020
Washington [US], September 18: The United States has charged five Chinese nationals and two Malaysian nationals over global hacking operations affecting more than 100 companies for at least six years.
According to a press statement issued by the US Justice Department, the hackers intruded into over 100 companies in the US and other countries including software development companies, computer hardware manufacturers, telecommunications providers, social media companies, video game companies, non-profit organisations, universities, think tanks and foreign governments, as well as pro-democracy politicians and activists in Hong Kong.
While the five Chinese defendants remain fugitives, two Malaysians were arrested in Malaysia this week and are facing extradition proceedings to the US.
"The defendants associated with Chengdu 404 employed sophisticated hacking techniques to gain and maintain access to victim computer networks. One example was the defendants' use of 'supply chain attacks,' in which the hackers compromised software providers and then modified the providers' code to facilitate further intrusions against the software providers' customers," the statement said.
"Another example was the hackers' use of C2 'dead drops,' which are seemingly legitimate web pages that the hackers created, but which were surreptitiously encoded instructions to their malware. However, they also employed publicly available exploits and tools, including the following common vulnerabilities and exposures ('CVE'): CVE-2019-19781, CVE-2019-11510, CVE-2019-16920, CVE-2019-16278, CVE-2019-1652/CVE-2019-1653, and CVE-2020-10189," it said.
"The Department of Justice has used every tool available to disrupt the illegal computer intrusions and cyberattacks by these Chinese citizens," said Deputy Attorney General Jeffrey A. Rosen. "Regrettably, the Chinese communist party has chosen a different path of making China safe for cybercriminals so long as they attack computers outside China and steal intellectual property helpful to China."
"Today's charges, the related arrests, seizures of malware and other infrastructure used to conduct intrusions and coordinated private sector protective actions reveal yet again the department's determination to use all of the tools at its disposal and to collaborate with the private sector and nations who support the rule of law in cyberspace," said Assistant Attorney General John C. Demers. "This is the only way to neutralise malicious nation-state cyber activity."
"Today's announcement demonstrates the ramifications faced by the hackers in China but it is also a reminder to those who continue to deploy malicious cyber tactics that we will utilize every tool we have to administer justice," said FBI Deputy Director David Bowdich.
"The arrests in Malaysia are a direct result of partnership, cooperation and collaboration. As the cyber threat continues to evolve larger than any one agency can address, the FBI remains committed to being an indispensable partner to our federal, international and private sector partners to stop rampant cybercrime and hold those carrying out these kinds of actions accountable," he added.
"The scope and sophistication of the crimes in these unsealed indictments is unprecedented. The alleged criminal scheme used actors in China and Malaysia to illegally hack, intrude and steal information from victims worldwide," said Michael R. Sherwin, Acting US Attorney for the District of Columbia.
"As set forth in the charging documents, some of these criminal actors believed their association with the PRC provided them free license to hack and steal across the globe. This scheme also contained a new and troubling cyber-criminal component - the targeting and utilization of gaming platforms to both defraud video game companies and launder illicit proceeds," Sherwin added.