The Department of Justice (DOJ) announced charges against five Chinese nationals Wednesday who hacked into companies and institutions throughout the United States and elsewhere, as well as charges against two Malaysian nationals who allegedly helped the hackers target victims.
“The Chinese defendants targeted well over 100 victims worldwide in a variety of industries and sectors that are, sadly, part of the standard target list for Chinese hackers,” Deputy Attorney General Jeffrey Rosen said in a statement.
The charges allege two categories of criminal conduct. The Chinese hackers allegedly compromised software providers worldwide and then modified the code to install “backdoors” which allowed them to hack the software providers’ customers.
Chinese hackers allegedly “compromised the networks of video game companies worldwide (a billion-dollar industry) and defrauded them of in-game resources.” Two Chinese hackers and both Malaysian defendants are accused of selling the resources on the black market. (RELATED: Australian Government Hit By Massive Cyberattack For 2nd Straight Year, Some Suspect China)
Both Malaysian defendants are in custody as of Sunday night, and will face extradition hearings. The Chinese hackers are still at large, according to the Associated Press.
The Chinese defendants are part of the Advanced Persistent Threat (APT)-41 group, which is notorious for their activities as “one of the broadest campaigns by a Chinese cyber espionage actor in recent years,” per the statement.
One of the Chinese defendants allegedly boasted to a colleague that he was “very close” with the Ministry of State Security and would be protected “unless something very big happens,” said Rosen.
Rosen also criticized the Chinese Communist Party for their failure to enforce the law against hackers and turning a blind eye to the problem.
“No country can be respected as a global leader while paying only lip service to the rule of law and without taking steps to disrupt brazen criminal acts like these,” he said. “No responsible government knowingly shelters cyber criminals that target victims worldwide in acts of rank theft.”
The indictments come as the Trump administration cracks down on cybercrimes committed by China. Prosecutors accused hackers in July of targeting vaccine companies working on a coronavirus vaccine and stealing millions of dollars worth of intellectual property and trade secrets on behalf of China’s Ministry of Foreign Affairs. This prompted the U.S. State Department to shut down the Chinese consulate in Houston, Texas.
China retaliated by ordering the American consulate in Chengdu to close.