China's Hackers Reportedly Stole Over $20 Million in Covid Relief Benefits
upstart writes:
Cybercriminals with ties to the Chinese government have stolen tens of millions of dollars in U.S. covid relief benefits, NBC reports.
APT41, a well-known threat actor, is said to have used various scams to siphon at least $20 million in relief benefits from state unemployment funds and Small Business Administration loans. That news comes from sources at the Secret Service, which has been investigating online fraud connected to covid relief programs. NBC calls this the "first instance of pandemic fraud tied to foreign, state-sponsored cybercriminals."
In the past, APT41-also known by its monikers "Winnti" and "Barium"-has been tied to a number of high-profile hacking campaigns that targeted U.S. victims. Earlier this year, the cybersecurity firm Mandiant reported that the group had penetrated the networks of at least six state governments via bugs in a widely used farming app-a campaign broadly considered to be an espionage effort.
In 2020, the U.S. Justice Department indicted a number of APT41 hackers in absentia in connection to a long-running hacking spree that allegedly stole millions of dollars from U.S. businesses, universities, non-profits, and other organizations. The hackers were never caught or brought to trial.
[...] Weirdly limited oversight of America's benefits distribution has made the system easy prey for online scammers. Cybercriminals and fraudsters have used a host of unsavory tactics (like stealing the social security numbers of dead people) to create fake profiles and file for illegitimate funds. In California alone, experts "conservatively" estimate that at least $20 billion in benefits have been stolen-including by a guy who boldly filed for funds using the name "Mr. Poopy Pants."
Read more of this story at SoylentNews.