POST Online Media Lite Edition



 

U.S. charges 7 Chinese hackers with 'sinister' campaign spanning 14 years

Christian Fernsby

The U.S. announced charges Monday against seven Chinese nationals who are accused of carrying out a "sinister" state-sponsored hacking campaign that targeted U.S. and foreign critics of China, businesses and political officials.


An indictment was unsealed charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.

The indicted include Ni Gaobin, 38; Weng Ming, 37; Cheng Feng, 34; Peng Yaowen, 38; Sun Xiaohui, 38; Xiong Wang, 35; and Zhao Guangzong, 38. All are believed to reside in the PRC.

The defendants and others in the APT31 Group targeted thousands of U.S. and foreign individuals and companies.

Some of this activity resulted in successful compromises of the targets’ networks, email accounts, cloud storage accounts, and telephone call records, with some surveillance of compromised email accounts lasting many years.

The more than 10,000 malicious emails that the defendants and others in the APT31 Group sent to these targets often appeared to be from prominent news outlets or journalists and appeared to contain legitimate news articles.

The malicious emails contained hidden tracking links, such that if the recipient simply opened the email, information about the recipient, including the recipient’s location, internet protocol (IP) addresses, network schematics, and specific devices used to access the pertinent email accounts, was transmitted to a server controlled by the defendants and those working with them.

The defendants and others in the APT31 Group then used this information to enable more direct and sophisticated targeted hacking, such as compromising the recipients’ home routers and other electronic devices.

The defendants and others in the APT31 Group also sent malicious tracking-link emails to government officials across the world who expressed criticism of the PRC government.

For example, in or about 2021, the conspirators targeted the email accounts of various foreign government individuals who were part of the Inter-Parliamentary Alliance on China (IPAC), a group founded in 2020 on the anniversary of the 1989 Tiananmen Square protests whose stated purpose was to counter the threats posed by the Chinese Communist Party to the international order and democratic principles.

The targets included every European Union member of IPAC, and 43 United Kingdom parliamentary accounts, most of whom were members of IPAC or had been outspoken on topics relating to the PRC government.

To gain and maintain access to the victim computer networks, the defendants and others in the APT31 Group employed sophisticated hacking techniques including zero-day exploits, which are exploits that the hackers became aware of before the manufacturer or the victim was able to patch or fix the vulnerability.

These activities resulted in the confirmed and potential compromise of economic plans, intellectual property, and trade secrets belonging to American businesses, and contributed to the estimated billions of dollars lost every year as a result of the PRC’s state-sponsored apparatus to transfer U.S. technology to the PRC.

The targeted U.S. government officials included individuals working in the White House, at the Departments of Justice, Commerce, Treasury, and State, and U.S. Senators and Representatives of both political parties.

The defendants and others in the APT31 Group targeted these individuals at both professional and personal email addresses. Additionally, in some cases, the defendants also targeted victims’ spouses, including the spouses of a high-ranking Department of Justice official, high-ranking White House officials, and multiple U.S. Senators.

Targets also included election campaign staff from both major U.S. political parties in advance of the 2020 election.

The allegations in the indictment regarding the malicious cyber activity targeting political officials, candidates, and campaign personnel are consistent with the March 2021 Joint Report of the Department of Justice and the Department of Homeland Security on Foreign Interference Targeting Election Infrastructure or Political Organization, Campaign, or Candidate Infrastructure Related to the 2020 US Federal Elections.

That report cited incidents when Chinese government-affiliated actors “materially impacted the security of networks associated with or pertaining to U.S. political organizations, candidates, and campaigns during the 2020 federal elections.”

That report also concluded that “such actors gathered at least some information they could have released in influence operations,” but which the Chinese actors did not ultimately deploy in such a manner. Consistent with that conclusion, the indictment does not allege that the hacking furthered any Chinese government influence operations against the United States.

The indictment’s allegations nonetheless serve to underscore the need for U.S. (and allied) political organizations, candidates, and campaigns to remain vigilant in their cybersecurity posture and in otherwise protecting their sensitive information from foreign intelligence services, particularly in light of the U.S. Intelligence Community’s recent assessment that “[t]he PRC may attempt to influence the U.S. elections in 2024 at some level because of its desire to sideline critics of China and magnify U.S. societal divisions.”

The defendants and others in the APT31 Group also targeted individuals and dozens of companies operating in areas of national economic importance, including the defense, information technology, telecommunications, manufacturing and trade, finance, consulting, legal, and research industries.

The defendants and others in the APT31 Group hacked and attempted to hack dozens of companies or entities operating in these industries, including multiple cleared defense contractors who provide products and services to the U.S. military, multiple managed service providers who managed the computer networks and security for other companies, a leading provider of 5G network equipment, and a leading global provider of wireless technology, among many others.

The defendants and the APT31 Group also targeted individual dissidents around the world and other individuals who were perceived as supporting such dissidents. For example, in 2018, after several activists who spearheaded Hong Kong’s Umbrella Movement were nominated for the Nobel Peace Prize, the defendants and the APT31 Group targeted Norwegian government officials and a Norwegian managed service provider.

The conspirators also successfully compromised Hong Kong pro-democracy activists and their associates located in Hong Kong, the United States, and other foreign locations with identical malware.

