The United States Department of Justice (DoJ) announced it will press charges against five Chinese nationals and two Malaysian nationals over global hacking operations.
Over the course of six years, the seven threat actors hacked hundreds of organisations around the world to steal confidential information, hijack user identities, install ransomware and “crypto-jack”, which involves using victims’ computers to mine cryptocurrency.
In August 2019 and August 2020, a federal grand jury in Washington, D.C., returned three separate indictments. All indictments charged Chinese nationals Zhang Haoran, Tan Dailin, Jiang Lizhi, Qian Chuan, and Fu Qiang as well as Malaysian nationals Wong Ong Hua and Ling Yang Ching with similar counts of conspiracy, fraud, aggravated identity theft, money laundering, and violations of the Computer Fraud and Abuse Act.
According to the DoJ, the five Chinese hackers also collected information on Hong Kong’s pro-democracy movement.
“The scope and sophistication of the crimes in these unsealed indictments is unprecedented. The alleged criminal scheme used actors in China and Malaysia to illegally hack, intrude and steal information from victims worldwide,” said Michael R. Sherwin, the Acting US Attorney for the District of Columbia.
The Malaysian hackers conspired with two of the Chinese hackers to hijack and profit from the video game industry in countries including Singapore, Japan, South Korea, France and the US. The perpetrators hacked video game companies, stole secrets, generated valuable digital items such as rare in-game items, and then sold those items for profit.
All five of the Chinese nationals are reported to be fugitives in mainland China, but their exact whereabouts are unknown. Both Malaysians were arrested in Sitiawan, a town in Malaysia’s state of Perak.
In addition to the arrest warrants, the US District Court for the District of Columbia issued seizure warrants that resulted in the recent seizure of hundreds of accounts, servers, domain names, and command-and-control (“C2”) “dead drop” web pages used by the defendants.
“Today’s charges, the related arrests, seizures of malware and other infrastructure used to conduct intrusions, and coordinated private sector protective actions reveal yet again the Department’s determination to use all of the tools at its disposal and to collaborate with the private sector and nations who support the rule of law in cyberspace,” said Assistant Attorney General John C. Demers.
The DoJ is currently working with the Attorney General of Malaysia and the Royal Malaysia Police to seek extradition.
“This is the only way to neutralize malicious nation state cyber activity,” Mr. Demers added.
If indicted on all counts, the hackers could face more than 20 years in prison.
Microsoft, Google, Facebook, and Verizon Media provided assistance in the DoJ’s investigation. The actions by Microsoft were said to be a significant part of the overall effort to deny the defendants continued access to hacking infrastructure, tools, accounts, and command and control domain names.