DOJ Takes Action Against Chinese Hacking Group

Share post:

The Justice Department pressed charges against four Chinese nationals on Monday, accusing them of being part of a hacking group that attacked companies, universities and government facilities in the U.S. and abroad between 2011 and 2018.

A San Diego grand jury returned indictments against all four in May, and it was unsealed on Friday, according to a Justice Department statement.

According to the indictment, Ding Xiaoyang, Cheng Qingmin and Zhu Yunmin were members of the Hainan State Security Department working covertly within a front-line company called Hainan Xiandun Technology Development Co., Ltd.

The aim of the operation, according to the Justice Department, was to steal information from companies that would aid businesses in mainland China.

The three are accused of coordinating, facilitating and managing computer hackers and linguists at Hainan Xiandun and other MSS front companies.

Wu Shurong was also charged with his role as a hacker who created malware, helped the other three break into computer systems and allegedly supervised other Hainan Xiandun hackers.

The DOJ stated that the group attacked companies in the U.S., Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland, U.K., Austria, Cambodia, Canada and Germany. Most of the attacks targeted companies working in the defense, education, healthcare, biopharmaceutical and aviation industries.

The indictment mentions the variety of hacking methods used to break into the companies’ systems, detailing how the group used spearphishing emails and hijacked credentials

The indictment points out that the hackers used anonymization services, Dropbox Application Programming Interface (API) keys, and even GitHub during their activities.

All four defendants are charged with one count of conspiracy to commit computer fraud and one count of conspiracy to commit industrial espionage, both of which together carry a maximum penalty of up to 20 years in prison.

For more information, read the original story in ZDNet.


Related articles

Cyber Security Today, May 20, 2024 -Ransomware gang claims it hit a Canadian internet provider

A ransomware gang claims it hit a Canadian internet provider. Welcome to Cyber Security Today. It's Monday May 20th,...

Cyber Security Today, Week in Review for week ending Friday May 17, 2024

Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday, May 17th,...

Cyber Security Today, May 17, 2024 – Malware hiding in Apache Tomcat servers

Malware hiding in Apache Tomcat servers, new backdoors found, and more Welcome to Cyber Security Today. It's Friday, May...

MIT students exploit blockchain vulnerability to steal 25 million dollars

Two MIT students have been implicated in a highly sophisticated cryptocurrency heist, where they reportedly exploited a vulnerability...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways