For more than a decade, hackers working on behalf of the Chinese government have brazenly pursued advanced cyber intrusions on technology companies, with a particular focus on those that market software, such as CCleaner, role-playing games, and other types of games. On Wednesday, US authorities fired back, charging seven men allegedly backed by the Chinese government for carrying out a string of financially motivated hacks on more than 100 US and overseas organizations.
US prosecutors said the men targeted tech companies with the aim of stealing software-signing certificates, customer account data, and valuable business information, all with the tacit approval of the Chinese government. Working for front companies located in China, the defendants allegedly used the intrusions into game and software makers for money laundering, identity theft, wire and access device fraud, and to facilitate other criminal schemes, such as ransomware and cryptojacking schemes.
Legal protection
According to one of three indictments unsealed on Wednesday, defendant Jiang Lizhi boasted of his connections to China’s Ministry of State Security and claimed it provided him with legal protection “unless something very big happens.” Jiang’s business associate, Qian Chuan, allegedly spent the past 10 years supporting Chinese government projects, including development of a secure cleaning tool to wipe confidential data from digital media.
Along with a third man, Fu Qiang, the men worked for and were officers of a China-based firm called Chengdu 404 Network Technology Co. Ltd. The company publicly described itself as a network security company, composed of elite white-hat hackers who provided penetration testing, password recovery, mobile device forensics, and other defensive services. Chengdu 404’s website said that customers include “public security, military, and military enterprises.” The company’s front desk is pictured below…
Further Reading:
Report: Chinese government is behind a decade of hacks on software companies
Continue Reading