US Indicts 7 Alleged Members of Infamous Chinese Hacking Group

The US is retaliating against one of China’s most notorious hacking groups by exposing its membership. The Justice Department today unsealed an indictment against seven Chinese nationals for allegedly being part of APT 31, a Chinese state-sponsored hacking outfit that’s been active for the past 14 years.

The resulting hacking activities may have ensnared millions of Americans since APT 31 has gained access to email and cloud storage accounts, along with telephone call records. The unsealed indictment goes as far as to show headshot photos of the named suspects. The US also says the indicted Chinese nationals allegedly worked with “dozens of identified PRC Ministry of State Security (MSS) intelligence officers, contractor hackers, and support personnel.”

Security researchers have long investigated APT 31’s activities, which have included sending out phishing emails. But the indictment from the Justice Department tries to pull back the veil, with claims that the hacking group is actually run by China’s Ministry of State Security.

(Credit: US Justice Department)

The indictment doesn’t reveal how the federal investigators tracked down APT 31’s membership. But it does offer a timeline of when the suspects carried out their hacking activities, suggesting that the FBI, and perhaps other US intelligence agencies, have been closely watching the group. For example, the indictment claims one of the suspects, 38-year-old Weng Ming, sent an email to his co-conspirator Sun Xiaohui about using a “malware variant called Gh0stRAT” in 2015. The UK government is backing the US’ findings, adding that “UK Electoral Commission systems were highly likely compromised by a Chinese state-affiliated entity between 2021 and 2022.”

According to federal investigators, APT 31 sent thousands of malicious phishing emails, often while posing as journalists, media outlets, or reputable companies. In other cases, the group used custom malware and publicly unknown software vulnerabilities, known as zero-day exploits, to infiltrate potential targets.

“These activities resulted in the confirmed and potential compromise of economic plans, intellectual property, and trade secrets belonging to American businesses, and contributed to the estimated billions of dollars lost every year,” the Justice Department added.

The group’s targets included US government officials, such as staffers working at the White House, various federal agencies, and at least one presidential campaign. APT 31 could also target the spouses of elected officials and high-ranking officials. In other operations, the hacking group focused on infiltrating companies in major economic sectors, including defense contractors.

In addition, APT 31 targeted political dissidents critical of the Chinese government. This included hacking pro-democracy activists in Hong Kong.

All seven suspects are believed to be residing in China, dampening any chances of a US extradition. In lieu of an arrest, the US Treasury Department and the UK are both imposing sanctions on the front company APT 31 has been using in China and two of the named suspects, Zhao Guangzong and Ni Gaobin.

“The FBI will continue to send a clear message that cyber espionage will not be tolerated, and we will tirelessly pursue those who threaten our nation’s security and prosperity,” FBI Director Christopher Wray said in the announcement.