US Accuses 7 Chinese Individuals of Compromising the Data of Millions on the Behalf of the Chinese Government

by
Krishi Chowdhary
from The Tech Report on (#6KMAW)
China.jpeg
  • The US has released a list of 7 Chinese hackers responsible for compromising US citizens and organizations in the last 10 years
  • A reward of up to $10 million has been offered to anyone who can come up with substantial information about the group
  • The same group has also been accused by the UK of attempting to steal the emails of British government officials

China.jpeg?_t=1711453682

Cyber tensions between the US and China have reached an all-time high. On Monday, the US accused 7 Chinese men of conducting a cyber attack that affected millions of people over a span of 10+ years. Personal information from telephone conversations, emails, work accounts, and online storage have been compromised.

The seven suspects have been identified as:

  • Weng Ming, 37
  • Cheng Feng, 34
  • Ni Gaobin, 38
  • Zhao Guangzong, 38
  • Peng Yaowen, 38
  • Sun Xiaohui, 38
  • Xiong Wang, 35

Out of these 7, Gaobin and Guangzong have already been sanctioned by the UK and US regarding their involvement in Wuhan Xiaoruizhi - a company that was deemed to be a fake front for their illegal operations.

The US wasn't the only victim of this group. The UK government has also announced today that this was the same group that tried to steal the email accounts of British politicians in 2021.

However, since all of them are residents of China, it's hard to nab them. Given China's current standing with the US, extradition seems impossible.

The only hope to get any intel on these 7 accused is through the U.S. Department of State's Rewards for Justice program. The agency shared a post on X saying that anyone who shares information about these 7 accused will be eligible for a reward of up to $10 million or relocation.

Read more: Leaked data shows China cyber firm allegedly hacked govt agencies, businesses, organizations

Brief History of the Attacks

The attacks started sometime in 2010. Since then, these notorious hackers have been silently spying on computer networks and compromising online accounts to supply information that might be of interest to Beijing.

Deputy U.S. Attorney General Lisa Monaco said in a statement that this information was used to repress critics of the Chinese regime, compromise government institutions, and steal trade secrets."

This statement was backed by a list of targets recovered during a probe that found the names of US senators, White House staffers, and other government officials who criticized China in the past.

Speaking of the victims, both individuals and businesses were impacted.
  • Individuals like lawmakers, academics, journalists, and politicians were the most common targets. In some cases, even the spouses of such individuals made it under their radar.
  • Organizational targets include political parties, defense contractors, government agencies, apparel companies, steel & energy firms, and leading providers of 5G mobile telephone equipment and wireless technology.
The Group behind the Attack

Regulators believe that these threat actors are part of a group called Advanced Persistent Threat 31 or APT31" that operates out of Wuhan and is backed by China's Ministry of State Security.

They are also known by many other names such as Violet Typhoon, Zirconium, Judgment Panda, and Altaire.

Spear-phishing emails are their most preferred weapon of choice where they impersonate journalists and send out emails containing malicious links to politicians, government officials, and their spouses.

Once the victim clicks on it, all information about their device, location, and network is shared with the perpetrator.

They also use some advanced malware like Trochilus, RAWDOOR, EvilOSX, and DropDoor/DropCat among others to get backdoor access to the victim's device and steal more sensitive information from the victims.

Read more: Guess what hackers are targeting now - water systems

Some Examples of the AttacksThe indictment lists certain attacks that were allegedly carried out by the group.
  • In 2016, a zero-day attack compromised the data of a US defense contractor with offices in New York and Long Island.
  • Then again in 2018, they hacked an American public opinion research firm during the US midterm elections.
  • In another incident, sometime between 2017 and 2019, they broke into 7 IT-managed service providers (MSPs) in Massachusetts, Idaho, California, New York, and overseas.

As usual, Chinese diplomats in the US and UK have dismissed these allegations and the Chinese Embassy in London said that these charges are completely fabricated.

Interestingly, these accusations are not one-sided. China has accused the US of cyber espionage quite a few times in the last couple of years.

For example, last year the U.S. National Security Agency was accused of penetrating Huawei Technologies (a Chinese telecommunication company) by China's Ministry of State Security.

Read more: China plans to ban AMD and Intel chips from government offices

The post US Accuses 7 Chinese Individuals of Compromising the Data of Millions on the Behalf of the Chinese Government appeared first on The Tech Report.

External Content
Source RSS or Atom Feed
Feed Location https://techreport.com/feed/
Feed Title The Tech Report
Feed Link https://techreport.com/
Reply 0 comments