Chinese Hackers steal COVID relief funds, loans

Share post:

According to the Secret Service, hackers linked to the Chinese government known as APT41 or Winnti stole at least $20 million in U.S. Covid relief benefits, including Small Business Administration loans and unemployment insurance funds, from over 12 American states. With some sources claiming that the hackers stole more than officials are aware of.

Despite the fact that the Secret Service claims to have seized over $1.4 billion in ill-gotten gains since 2020, this hacking group is said to be a prolific cybercriminal group that has conducted a mix of government-backed cyber intrusions and financially motivated data breaches.

The Secret Service declined to confirm the scope of other investigations or whether the Chinese government directed APT41 to steal US taxpayer funds, but said there are more than 1,000 ongoing investigations involving transnational and domestic criminal actors defrauding public benefits programs, with APT41 playing a significant role.

APT41’s intrusion methods have included hacking legitimate software and weaponizing it against innocent users, businesses, and governments over the years. It also monitors public disclosures of security flaws in legitimate software and then targets customers who do not immediately update their software. APT41, according to experts and officials, does all of this to collect personally identifying information and data about American citizens, institutions, and businesses that China can use for espionage purposes.

It is unclear why the hackers have been targeting US state governments for some time. In 2021 and 2022, the group went on a hacking spree against US state agencies, breaking into computers at government agencies in at least six US states.

The sources for this piece include an article in Reuters.

SUBSCRIBE NOW

Related articles

Cyber Security Today, May 24, 2024 – A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more

A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more. Welcome to Cyber Security...

Canada centralizing cybersecurity efforts of federal IT departments

Federal departments and agencies are making only marginal progress in improving their cyber maturity, Ottawa said Wednesday as...

Cyber Security Today, May 22, 2024 – LockBit ransomware gang hits more victims, Fluent Bit servers need to be updated, and more

LockBit ransomware gang hits more victims, Fluent Bit servers need to be updated, and more. Welcome to Cyber Security...

Google criticizes Microsoft’s security practices in new report

Google has publicly criticized Microsoft for a series of security missteps, suggesting that organizations might consider more secure...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways