5 Chinese nationals among those charged with cyberhacking that victimized over 100 people and companies worldwide

Five Chinese and two Malaysian international cyberhackers were indicted in federal court on Wednesday for allegedly intruding on over 100 companies and people in the US and abroad through online games to “launder millions of dollars,” the Justice Department announced Wednesday.

“The intrusions, which security researchers have tracked using the threat labels ‘APT41,’ ‘Barium,’ ‘Winnti,’ ‘Wicked Panda,’ and ‘Wicked Spider,’ facilitated the theft of source code, software code signing certificates, customer account data, and valuable business information,” prosecutors said in a news release.

“These intrusions also facilitated the defendants’ other criminal schemes, including ransomware and ‘crypto-jacking’ schemes, the latter of which refers to the group’s unauthorized use of victim computers to ‘mine’ cryptocurrency,” prosecutors said.

Jiang Lizhi, Qian Chuan and Fu Qiang are charged in a nine-count indictment that says they allegedly used Chengdu 404 Network Technology to target over 100 companies, organizations and people in the US, Asia and South America using sophisticated hacking techniques.

Since 2014, they held positions as “officers” for Chengdu 404, which was publicly described as “a network security company, composed of elite ‘white hat’ hackers, which provided defensive and counter-offensive network security services and data analytics services, including penetration testing, password recovery services, ‘mobile device forensics’ and other services,” according to the indictment.

Jiang allegedly bragged that it was “easy to find companies to target by searching lists of publicly-traded companies through ‘stock websites,’” the indictment says.

“In one notable instance, the defendants conducted a ransomware attack on the network of a non-profit organization dedicated to combating global poverty,” prosecutors said. The non-profit’s computers that were located in Washington, DC, were allegedly compromised by the hackers since 2018, according to the indictment.

The hackers even targeted more than a dozen “prominent” unidentified universities in the US, Hong Kong and Taiwan, authorities allege. For one institution labeled “University #5” in the indictment, they “browsed at least 4,200 files and directories in over 75 servers” between 2018 and 2020.

Zhang Haoran and Tan Dailin were charged in a 25-count indictment for participating in a “Computer Hacking Conspiracy” that “sought to make money by hacking video game companies” and selling items like video game currency for profit.

The five Chinese nationals are at large and assumed to be in China.

Wong Ong Hua, 46, and Ling Yang Ching, 32, both of Malaysia, are accused of working with hackers that targeted the video game industry to conduct computer intrusion offenses in the US, France, Japan, Singapore and South Korea. They were charged with 23 counts of racketeering, conspiracy, identity theft and other charges. Both are in custody and awaiting extradition to the United States.

One company labeled “Video Game Company #14” in the indictment had a database of approximately 25 million records of which the hackers allegedly obtained a copy.

“The scope and sophistication of the crimes in these unsealed indictments is unprecedented. The alleged criminal scheme used actors in China and Malaysia to illegally hack, intrude and steal information from victims worldwide,” acting US Attorney Michael Sherwin said in a news release.

“This scheme also contained a new and troubling cyber-criminal component: the targeting and utilization of gaming platforms to both defraud video game companies and launder illicit proceeds,” Sherwin said.

Investigators with the US district court in Washington, DC, found through seizure warrants “hundreds of accounts, servers, domain names, and command-and-control ‘dead drop’ web pages used by the defendants to conduct their computer intrusion offenses,” prosecutors said.

The feds collaborated with Microsoft to develop and implement technology to block the threat actor from accessing victims’ computer systems.

“The actions by Microsoft were a significant part of the overall effort to deny the defendants continued access to hacking infrastructure, tools, accounts, and command and control domain names,” prosecutors said.

If convicted, Wong and Ling face a maximum of 27 years in prison for at least one of the charges in the indictment of false registration of domain names. Jiang, Qian and Fu face a maximum of 20 years in prison for at least one count in the indictment of conspiracy to commit computer fraud, and Zhang and Tan face a maximum of 20 years in prison for two counts of wire fraud if convicted.
