DOJ Takes Action Against Chinese Hacking Group

Share post:

The Justice Department pressed charges against four Chinese nationals on Monday, accusing them of being part of a hacking group that attacked companies, universities and government facilities in the U.S. and abroad between 2011 and 2018.

A San Diego grand jury returned indictments against all four in May, and it was unsealed on Friday, according to a Justice Department statement.

According to the indictment, Ding Xiaoyang, Cheng Qingmin and Zhu Yunmin were members of the Hainan State Security Department working covertly within a front-line company called Hainan Xiandun Technology Development Co., Ltd.

The aim of the operation, according to the Justice Department, was to steal information from companies that would aid businesses in mainland China.

The three are accused of coordinating, facilitating and managing computer hackers and linguists at Hainan Xiandun and other MSS front companies.

Wu Shurong was also charged with his role as a hacker who created malware, helped the other three break into computer systems and allegedly supervised other Hainan Xiandun hackers.

The DOJ stated that the group attacked companies in the U.S., Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland, U.K., Austria, Cambodia, Canada and Germany. Most of the attacks targeted companies working in the defense, education, healthcare, biopharmaceutical and aviation industries.

The indictment mentions the variety of hacking methods used to break into the companies’ systems, detailing how the group used spearphishing emails and hijacked credentials

The indictment points out that the hackers used anonymization services, Dropbox Application Programming Interface (API) keys, and even GitHub during their activities.

All four defendants are charged with one count of conspiracy to commit computer fraud and one count of conspiracy to commit industrial espionage, both of which together carry a maximum penalty of up to 20 years in prison.

For more information, read the original story in ZDNet.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Cyber Security Today, March 27, 2024 – A botnet exploits old routers, a new malware loader discovered, and more warnings about downloading code from...

This episode reports on a new network of 40,000 infected small and home office routers and other devices that are part of a criminal botnet

Cyber Security Today, March 25, 2024 – A suspected China threat actor going after unpatched F5 and ScreenConnet installations

This episode reports on a new campaign stealing email passwords ,the latest data breaches

A hacker’s view of the civic infrastructure: Hashtag Trending, the Weekend Edition for March 23rd, 2024

What does the civic infrastructure look like through the eyes of a hacker? The legendary general Sun Tzu in the Art of War said that in order to defeat your enemy, you must first understand your enemy. How do you do this? He said, “to know your enemy, you must become your enemy.” If we

Cyber Security Today, Week in Review for week ending Friday, March 22, 2024

This episode features discussion on lessons learned from the ransomware attack on the British Library, advice for managing expectations of IT/security teams, why firms are leaving Google Firebase unprotecte

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways