US Charges Five Members of China-Linked APT41 for Global Attacks
The five Chinese nationals are among seven defendants arrested for intrusion campaigns into more than 100 organizations, the DoJ reports.
September 17, 2020
Five members of APT41, an attack group with alleged ties to China, have been charged for their roles in computer intrusion campaigns targeting more than 100 organizations around the world, the Department of Justice reports. Two of their co-conspirators have been arrested in Malaysia.
Security researchers have tracked their attacks using threat labels including APT41, Barium, Winnti, Wicked Panda, and Wicked Spider. These campaigns facilitated the use of source code, software code signing certificates, customer account data, and valuable business information. They also enabled defendants' other criminal activity, including ransomware and cryptojacking.
Their intrusions affected more than 100 victim companies in the US and around the world, including software development firms, computer hardware manufacturers, telecom providers, social media companies, video game companies, nonprofit organizations, universities, think tanks, foreign governments, as well as pro-democracy politicians and activists in Hong Kong.
In August 2019 and 2020, a federal grand jury in Washington, DC, returned two indictments charging Zhang Haoran, Tan Dailin, Jiang Lizhi, Qian Chuan, and Fu Qiang, all of whom were residents and nationals of the People's Republic of China. All five defendants, one of whom allegedly claimed connections to the Chinese Ministry of State Security, are fugitives in China.
The US District Court for the District of Columbia issued arrest warrants for all of the charged defendants. In September 2020, it also issued seizure warrants that led to the seizure of accounts, servers, domain names, and command-and-control Web pages the defendants used to conduct the campaigns.
In August 2020, the same federal grand jury returned a separate indictment charging Wong Ong Hua and Ling Yang Ching, both Malaysian businessmen who allegedly conspired with two of the Chinese nationals to profit from attacks targeting video game companies in the US and abroad. The two were arrested by Malaysian authorities on Sept. 14, 2020.
Read the full Justice Department release for more details.