DOJ Takes Action Against Chinese Hacking Group

Share post:

The Justice Department pressed charges against four Chinese nationals on Monday, accusing them of being part of a hacking group that attacked companies, universities and government facilities in the U.S. and abroad between 2011 and 2018.

A San Diego grand jury returned indictments against all four in May, and it was unsealed on Friday, according to a Justice Department statement.

According to the indictment, Ding Xiaoyang, Cheng Qingmin and Zhu Yunmin were members of the Hainan State Security Department working covertly within a front-line company called Hainan Xiandun Technology Development Co., Ltd.

The aim of the operation, according to the Justice Department, was to steal information from companies that would aid businesses in mainland China.

The three are accused of coordinating, facilitating and managing computer hackers and linguists at Hainan Xiandun and other MSS front companies.

Wu Shurong was also charged with his role as a hacker who created malware, helped the other three break into computer systems and allegedly supervised other Hainan Xiandun hackers.

The DOJ stated that the group attacked companies in the U.S., Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland, U.K., Austria, Cambodia, Canada and Germany. Most of the attacks targeted companies working in the defense, education, healthcare, biopharmaceutical and aviation industries.

The indictment mentions the variety of hacking methods used to break into the companies’ systems, detailing how the group used spearphishing emails and hijacked credentials

The indictment points out that the hackers used anonymization services, Dropbox Application Programming Interface (API) keys, and even GitHub during their activities.

All four defendants are charged with one count of conspiracy to commit computer fraud and one count of conspiracy to commit industrial espionage, both of which together carry a maximum penalty of up to 20 years in prison.

For more information, read the original story in ZDNet.

Featured Tech Jobs


Related articles

Canada, U.S. sign international guidelines for safe AI development

Eighteen countries, including Canada, the U.S. and the U.K., today agreed on recommended guidelines to developers in their nations for the secure design, development, deployment, and operation of artificial intelligent systems. It’s the latest in a series of voluntary guardrails that nations are urging their public and private sectors to follow for overseeing AI in

Cyber Security Today, Nov. 27, 2023 – Ransomware gang posts data stolen from a Canadian POS provider, and more

This episode reports on the latest ransomware attacks, and details of how a gang that scams people selling used products on

Cyber Security Today, Week in Review for the week ending November 24, 2023

This episode features discussion on Australia's decision to not make ransowmare payments illegal, huge hacks of third-party service suppliers in Canada and the U.S. and whether email and smartphone service providers are doing enough to protect

Cyber Security Today, Nov. 24, 2023 – A warning to tighten security on Kubernetes containers, and more

This episode reports on the increasing number of vulnerable Kubernetes containers online, the latest acknowledged data breaches, a browser scam aimed at Macs

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways