DOJ says five Chinese nationals hacked into 100 U.S. companies

The hackers, part of a group known as “APT41,” were allowed to operate by the Chinese government, the FBI said.

By Tom Winter

Five members of an alleged Chinese hacking group have been indicted for their role in a scheme to hack into more than 100 companies in the U.S., the Justice Department announced Wednesday.

Two Malaysian businessmen have been taken into custody in a separate indictment and charged with helping those hackers profit from intrusions into the video gaming industry, the Justice Department said.

The FBI says that the hackers, part of a group known as “APT41,” were allowed to operate by the Chinese government, which the U.S. says has made no effort to curb the hacking activities of its own citizens.

"Ideally, I would be thanking Chinese law enforcement authorities for their cooperation in this matter and the five Chinese hackers would now be in custody awaiting trial," Deputy Attorney General Jeffrey Rosen said at a press briefing announcing the charges.

“Unfortunately, the record of recent years tells us that the Chinese Communist Party has a demonstrated history of choosing a different path, that of making China safe for their own cyber criminals, so long as they help with its goals of stealing intellectual property and stifling freedom,” Rosen added.

Chinese foreign ministry spokesperson Wang Wenbin pushed back against the allegations, saying the Chinese government is a “staunch defender of cybersecurity and has always resolutely opposed cyberattacks.”

“It is regrettable that the United States side has stigmatized the issue of cybersecurity as a tool for political manipulation and the dissemination of false information,” Wenbin added in a statement.

The five Chinese nationals facing charges were identified as Zhang Haoran, Tan Dailin, Qian Chuan, Fu Qiang, and Jiang Lizhi.

Rosen said one of them told a colleague he was “very close” to China's Ministry of State Security.

According to the charging documents, the alleged hackers conducted supply chain attacks to gain access to networks throughout the world, deployed ransomware, and demanded payment from the victims. Federal prosecutors say they targeted telecommunications companies, governments, defense companies, and the education and manufacturing industries.

The companies were located in the U.S., Australia, Brazil, Germany, India, Japan, and Sweden. The suspects also allegedly targeted telecommunications providers in the U.S., Australia, Tibet, Chile, India, Indonesia, Malaysia, Pakistan, Singapore, South Korea, Taiwan, and Thailand.

From top left, Jiang Lizhi, Tan Dailin, Qian Chuan, Zhang Haoran, and Fu Qiang. (FBI)

Two of the alleged hackers, Zhang and Tan, were also charged with activity allegedly targeting video gaming companies.

FBI Deputy Director David Bowdich said the department will send an alert to private companies in the U.S. later Wednesday containing technical information that the FBI thinks will be helpful in detecting and mitigating APT41’s activities.

APT41 is an industry nickname given to an extremely prolific hacker group, loosely associated with Chinese intelligence, which has hit a number of industries across the world, and which conducts both espionage and more conventional cybercrime for profit.

The Justice Department says that two businessmen located in Malaysia, identified as Ling Yang Ching and Wong Ong Hua, have been taken into custody in that country as part of the hacking scheme.

The indictment says those two men worked with the Chinese hackers to target video game companies in the U.S., France, South Korea, Japan, and Singapore.

The Justice Department says authorities are working with Microsoft, Facebook, and others to try to thwart the hacking efforts.

Kevin Collier contributed.