US Indicts 2 APT10 Members for Years-Long Hacking Campaign

  /     /     /  
Publicated : 23/11/2024   Category : security


US Indicts 2 APT10 Members for Years-Long Hacking Campaign


In an indictment unsealed this morning, the US ties Chinas state security agency to a widespread campaign of personal and corporate information theft.



Two members of Chinas APT10 hacking group have been indicted by the US Department of Justice on charges unsealed this morning. Zhu Hua (aka Afwar, CVNX, Alayos, and Godkiller) and Zhang Shilong (aka Baobeilong, Zhang Jianguo, and Atreexp) were charged with conspiracy to commit computer intrusions, conspiracy to commit wire fraud, and aggravated identity theft.
The pair acted in association with the Chinese Ministry of State Securitys Tianjin State Security Bureau, said the DOJ in a statement. During a campaign lasting at least six years, the two targeted managed service provicers and individual companies, with victims including at least 45 companies in a dozen US states as well as a number of government agencies.
It is galling that American companies and government agencies spent years of research and countless dollars to develop their intellectual property, while the defendants simply stole it and got it for free. As a nation, we cannot, and will not, allow such brazen thievery to go unchecked, said US Attorney Geoffrey Berman during the press conference announcing the indictments. 
The indictment alleges that the defendants were part of a group that hacked computers in at least a dozen countries and gave Chinas intelligence service access to sensitive business information, said Deputy Attorney General Rosenstein, speaking at the same news conference.  This is outright cheating and theft, and it gives China an unfair advantage at the expense of law-abiding businesses and countries that follow the international rules in return for the privilege of participating in the global economic system.
In addition to the theft of commercial intellectual property, the indictment alleges that the two compromised more than 40 computers in order to steal sensitive data belonging to the Navy, including the names, Social Security numbers, dates of birth, salary information, personal phone numbers, and email addresses of more than 100,000 Navy personnel.
In a statement provided to Dark Reading, CrowdStrike co-founder and CTO Dmitri Alperovitch said, It is unprecedented and encouraging to see the US government, joined by so many international allies, taking a decisive stance against Chinese state-sponsored economic espionage. Todays announcement of indictments against Ministry of State Security (MSS), whom we deem now to be the most active Chinese cyber threat actor, is another step in a campaign that has been waged to indicate to China that its blatant theft of IP is unacceptable and will not be tolerated.
Read more details 
here
and
here
.

Last News

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
US Indicts 2 APT10 Members for Years-Long Hacking Campaign